How to manage user accounts in Windows from CMD

On our Windows computer it is possible to create, delete and manage user accounts from the system configuration page itself. However, it is also possible to manage system user accounts from a Command Prompt window via the command line. To do this, we are going to use the command called Net User, which we are going to talk about today that will allow us to manage Windows 10 and Windows 11 user accounts in this way.

The Net User command line is extremely useful when it comes to managing user accounts in Windows 10 and Windows 11 as we will be able to perform numerous actions with this command, such as adding a new user account or changing the password of an existing account, etc, as we will see below.

manage user accounts in Windows from CMD

What is NetUser

Net User is a command line tool that is available for both Windows 10 and Windows 11, through which it allows us to display information about the system’s user accounts, make some changes to them in a simple way and even activate the account inactive system administrator. That is why through this command we can add, delete or modify user accounts.

It is a tool mainly used by system administrators, who usually access the operating system through SSH and execute different commands in the console. But the endless possibilities of this tool are not limited to just the uses mentioned above.

Since this is an administrator account command line tool, it can be used from both Command Prompt and PowerShell when run as an administrator. To open it from Command Prompt, just type CMD in the Start menu search box and click “Run as administrator”.

Ejecutar CMD como administrador

Uses of the Net User command

The use of Net User does not have many complications as we will see below. If we execute it from the Command Prompt without any arguments behind it, it will show us a list with all the users that we have created in our operating system.

Net User

Net User lista de usuarios

If you see a user account with the name WDAGUtilityAccount , we should not worry, since this account is part of Windows Defender Application Guard and provides additional security to our computer, against malicious attacks, when we browse the Internet.

basic commands

Net User supports many parameters, but there are some that you might use more often than others.

  • Net User username : This command lists detailed information about the user that we specify. This includes information such as last login, local group membership, and password information.

net user username password /add

To add the user with password we must replace the “username” part of the command line with the name you want to give to the account and the “password” with a password that will be used to log in to the account.

  • Net User username password : Sets the password for the user account.

net user username password

To change the password of a user account we replace “username” with the username and “password” with the password we want to set

  • Net User username /delete : deletes the user and everything related to its configuration. The changes made are not reversible.

net user username /delete

To remove a user we must replace the “username” on the command line with the user account you want to remove from your computer.

  • Net User username /active:yes|no : Activate the account so that it can be used. In case of establishing it, it does not deactivate the account.
  • Net User username password /add : creates a new user in the system, incorporates the new username and the password that we want that specific user to have.

Net User Command Syntax

The command syntax seems confusing at first glance, as it shows various commands you can run when you run its helper command which will show us all the commands that are available, along with what each one does. To do this, type the following command and press Enter:

net user /help

Net User ayuda

This will show us the correct syntax, options and functions available with this tool.

NET USER
[user [password | *] [options]] [/DOMAIN] user {password | *} /ADD [options] [/DOMAIN] user [/DELETE] [/DOMAIN] user [/TIMES:{times | ALL}] user [/ACTIVE: {YES | NOT}]

  • User: name of the user account that you want to add, delete, modify or view. The user account name can be up to 20 characters long.
  • Password – Assign or change the password for the user account. Passwords must meet the minimum length set with the /MINPWLEN option on the NET ACCOUNTS command, and can be up to 14 characters.
  • * (asterisk): Create a password request. The password will not be displayed while it is being typed.
  • /DOMAIN – Performs the operation on a domain controller in the current domain.
  • /ADD – Adds a user account to the user account database.
  • /DELETE – Removes a user account from the user account database.

Other commands of interest

This help command also shows us other interesting options that we can carry out with Net User:

  • /COMMENT:”text”: Provides a descriptive comment about the user account. Write a text between quotes.
  • /COUNTRYCODE:nnn – Uses the country/region code of the operating system to use the language files specified in help and user error messages. A value of 0 indicates the default country/region code.
  • /EXPIRES:{date | NEVER} – Causes the account to expire if a date is set. NEVER does not set a time limit on the account. The expiration date must be in the format mm/dd/yy(yy). Months can be indicated by numbers, names, or three-letter abbreviations. The year must contain 2 or 4 numbers. Use forward slashes (/) instead of spaces to separate parts of the date.
  • /FULLNAME:”name” – The user’s full name (as opposed to a username). Enclose the name in quotation marks.
  • /HOMEDIR:path – Sets the path to the user’s home directory. The path must exist.
  • /PASSWORDCHG:{YES | NO}: Specifies whether users can change their password. The default value is YES.
  • / PASSWORDREQ:{YES | NO}: Specifies whether a user account must have a password. The default value is YES.
  • /LOGONPASSWORDCHG:{YES|NO} – Specifies whether the user must change their own password at the next login. The default option is NO.
  • /PROFILEPATH[:path] – Sets a path for the user’s login profile.
  • /SCRIPTPATH:path – Location of the user’s login script.
  • /TIMES:{times | ALL}: login hours. TIMES is expressed as day[-day][,day[-day]],hour[-hour][,hour[-hour]], limited to 1-hour increments. The days can be written in full or abbreviated. Hours can be expressed in 12-hour or 24-hour notation. Use am, pm, amo pm for 12-hour notation. ALL indicates that a user can always log in, and a blank value indicates that they can never log in. Separate day and hour values with commas, and separate multiple day and hour values with semicolons.
  • /USERCOMMENT:”text” – Allows an administrator to add or change the user comment for the account.
  • /WORKSTATIONS:{team [,…] | *}: Displays up to 8 computers on the network from which a user will be able to log in. If /WORKSTATIONS has no list or if list is *, the user will be able to connect from any computer.

As we can see, Net User is an extremely interesting command to be able to manage and configure user accounts in Windows 10 and Windows 11. With its use we can create, modify, delete, add passwords and many other interesting and useful parameters.