User Management

It it possible to create and manage user accounts with Powershell. It is quite essential skill for domain users. In this course we just take a look of user management in a workstation environment.

Get Local Users

You can get all local users with cmdlet Get-LocalUser.

#show all current local users
Get-LocalUser -Name *

Local Users

You can get all local enabled users with using filtering pipeline Where-Object.

#show all enabled local users
Get-LocalUser -Name * | Where-Object Enabled

Local Users

Create User

To create a new local user in the Windows operating system using PowerShell, we use the New-LocalUser cmdlet. In the example below the PowerUser with no password will be created. Please note: you have to have run PowerShell as Administrator privileges that you can run the New-LocalUser cmdlet. If not, cmdlet will not work and you will get error message New-LocalUser : Access denied.

$newuser = 'PowerUser'
New-LocalUser -Name $newuser -NoPassword
#show current local user
Get-LocalUser -Name $newuser

New Local User

There are many parameters for cmdlet New-LocalUser, as you can see: parameters

Remove Local User

Remove-LocalUser deletes local user accounts.
Please, be careful when you trying this cmdlet!

$removeuser = 'PowerUser'
Remove-LocalUser -Name $removeuser
#show current local users
Get-LocalUser -Name Pow*

Remove Local User

Local Groups

All the rights and permissions that are assigned to a group are assigned to all members of that group.

Members of the Administrators group on a local computer have Full Control permissions on that computer. Limit the number of users in the Administrators group.

If the computer is joined to a domain, you can add user accounts, computer accounts, and group accounts from that domain and from trusted domains to a local group. You can get all local groups with the cmdlet Get-LocalGroup.

Get-LocalGroup

Local User

You can see users in a local group with cmdlet Get-LocalGroupMember. In the following example two groups are showed.

#common users
Get-LocalGroupMember -Name Users
#administrators
Get-LocalGroupMember -Name Administrators

Local User

More about topics

If you need more information about user management, please familiarize yourself with these:
Local Account
Active Directory in Windows Server