Techulk
Troubleshooting

Add, delete, and modify user accounts and local groups with PowerShell

4 Mins Read
Pinterest LinkedIn Tumblr

PowerShell gives the possibility of manage local users with a collection of commands Microsoft.PowerShell.LocalAccounts.

This article guides you to use Powershell to administer your local accounts and groups.
How? ‘Or’ What add, delete and modify user accounts and local groups with PowerShell.

Powershell commands to manage user accounts and groups

Here is the list of commands available to manage local accounts with PowerShell.

The following command lists them:

Get-Command -Module Microsoft.PowerShell.LocalAccounts
Manage local accounts with powershell
Manage local accounts with powershell
  • Add-LocalGroupMember – Add a user to a group
  • Disable-LocalUser —Deactivate a local user
  • Enable-LocalUser – Activate a local user
  • Get-LocalGroup – View user groups
  • Get-LocalGroupMember – View the list of all groups and their members
  • Get-LocalUser – View local account preferences
  • New-LocalGroup – Create a group
  • New-LocalUser – Create a new local user
  • Remove-LocalGroup – Delete a local user
  • Remove-LocalGroupMember – Remove the member from a group
  • Remove-LocalUser – Delete a local user
  • Rename-LocalGroup – Rename a group
  • Rename-LocalUser – Rename a user
  • Set-LocalGroup – Change the settings of a local group
  • Set-LocalUser – Change the settings of a local account

Add, delete and modify user accounts with PowerShell

List local user accounts

Here’s how to list local user accounts.

Active user accounts are marked True.

Get-LocalUserList local user accounts in PowerShell

To display the complete information of a local user account, we use the following Powershell command:

Get-LocalUser -Name 'username' | Select-Object *
 In place of username, enter the name of the user based of the list of users in your system.
Get local user by name in Powershell
Get local user by name in Powershell

Finally to filter on a particular object we use Select-Object.

For example the last password modification date:

Get-LocalUser -Name 'username' | Select-Object PasswordLastSet
Last password modification date
Last password modification date

Create a local user account with PowerShell

Then PowerShell gives the possibility to create the following user accounts:

  • Local accounts
  • Microsoft account
  • Azure Active Directory accounts

This is done with the command New-LocalUser.

When you create a user account, you must provide the password.

Here’s how to create a local account:

$UserPassword = Read-Host –AsSecureString
New-LocalUser "Netwrix" -Password $UserPassword -FullName "Username" -Description "CompleteVisibility"

Below, we created a Microsoft account with Powershell:

New-LocalUser -Name "MicrosoftAccount[email protected]" -Description "Microsoft Account"

Finally to create an Azure Active Directory account:

New-LocalUser -Name "AzureAD[email protected]" -Description "Compte Azure AD"

Change the password of a local user with PowerShell

To change the password of a local user account with PowerShell, we use the command Set-LocalUser.

$UserPassword = Read-Host –AsSecureString
Set-LocalUser -Name Administrator -Password $UserPassword –Verbose

So that the password never expires, then use this command:

Set-LocalUser -Name Username -PasswordNeverExpires $False

Delete a user account with PowerShell

The cmdlet Remove-LocalUser allows you to delete a local user account:

Remove-LocalUser -Name Username -Verbose

Add, delete and modify user groups with PowerShell

List user groups

Here’s how to list user groups with PowerShell:

Get-LocalGroup
Get localgroup command
Get localgroup command

Add a user group with PowerShell

Then to create a user group, we use New-LocalGroup :

New-LocalGroup -Name 'NomGroupeUtilisateur' -Description 'Description Groupe utilisateur'

Add a user to a local group with Powershell

The command to create a user group is Add-LocalGroupMember.
You can add multiple users in one command.

Add-LocalGroupMember -Group 'NomGroupe' -Member ('Username',’Username2') –Verbose

For example to add the user MaK and SuperMak to the administrator group in PowerShell:

Add-LocalGroupMember -Group 'Administrateur' -Member ('MaK',’SuperMaK') –Verbose

List the user accounts of a user account

To obtain the list of users in a PowerShell group:

Get-LocalGroupMember -Group 'NomGroupe'List the user accounts of a PowerShell user account

Delete a local user group in PowerShell

Finally to delete a local user group in PowerShell, we use Remove-LocalGroupMember :

Remove-LocalGroupMember -Group 'NomGroupe' -Member 'Username'

Manage users on a remote PC with PowerShell

With PowerShell you can also manage users from a remote PC.

To do this, you must connect to it via WinRM using cmdlets Invoke-Command and Enter-PSSession.

So it only works with a user domain.

For example, if we want to remotely view membership in the Local Admin group on multiple computers, we need to run the following script:

$search = new-pssession -computer NomOrdinateur,NomOrdinateur2,NomOrdinateur3
invoke-command -scriptblock {Get-LocalGroupMember -Group 'Administrateurs'} -session $search -hidecomputername | select * -exclude RunspaceID | out-gridview -title "Compte Local Admin"

He is a geek, casual gamer and a gadget enthusiastic. He has significant knowledge in the field of smartphones along with skills in HTML, Digital Marketing and Photography.

Related Posts

Write A Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.