Overview
In PowerShell, you can use various cmdlets to manage local users and groups more efficiently than the traditional command-line tools. Here are some of the most commonly used PowerShell cmdlets for managing local users and groups in Windows:
Creating a Local User:
- To create a new local user account, you can use the
New-LocalUsercmdlet. Replace “Username” and “Password” with the desired username and password for the new user.
New-LocalUser -Name "Username" -Password (ConvertTo-SecureString "Password" -AsPlainText -Force)
Changing a User’s Password:
- To change the password for an existing local user, you can use the
Set-LocalUsercmdlet. Replace “Username” with the username of the user whose password you want to change.
Set-LocalUser -Name "Username" -Password (ConvertTo-SecureString "NewPassword" -AsPlainText -Force)
Deleting a Local User:
- To delete an existing local user account, you can use the Remove-LocalUser cmdlet. Replace “Username” with the username of the user you want to remove.
Remove-LocalUser -Name "Username"
Adding a User to a Group:
- To add a user to a local group (e.g., Administrators or Users), you can use the Add-LocalGroupMember cmdlet. Replace “GroupName” with the name of the group and “Username” with the username of the user you want to add to the group.
Add-LocalGroupMember -Group "GroupName" -Member "Username"
Removing a User from a Group:
- To remove a user from a local group, you can use the Remove-LocalGroupMember cmdlet. Replace “GroupName” with the name of the group and “Username” with the username of the user you want to remove from the group.
Remove-LocalGroupMember -Group "GroupName" -Member "Username"
If you don’t remember what the command is, you can use the Get-Command to find the cmdlet
PS C:\> Get-Command *local* |where {$_.Source -eq "Microsoft.PowerShell.LocalAccounts"}
CommandType Name Version Source
----------- ---- ------- ------
Cmdlet Add-LocalGroupMember 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Disable-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Enable-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Get-LocalGroup 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Get-LocalGroupMember 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Get-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet New-LocalGroup 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet New-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Remove-LocalGroup 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Remove-LocalGroupMember 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Remove-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Rename-LocalGroup 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Rename-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Set-LocalGroup 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Cmdlet Set-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
Conclusion
PowerShell cmdlets provide a more intuitive and script-friendly way to manage local users and groups on Windows systems. Always ensure you have the appropriate permissions before performing any user or group management tasks.