How to Manage User Accounts with PowerShell Commands
You can manage user accounts in PowerShell using cmdlets like
New-LocalUser to create, Set-LocalUser to modify, and Remove-LocalUser to delete accounts. These commands let you automate user management tasks easily on Windows systems.Syntax
PowerShell provides specific cmdlets to manage local user accounts. Here are the main commands:
New-LocalUser -Name <username> -Password <securestring> -FullName <fullname> -Description <desc>: Creates a new user.Set-LocalUser -Name <username> -FullName <fullname> -Description <desc>: Modifies an existing user.Remove-LocalUser -Name <username>: Deletes a user.Get-LocalUser: Lists all local users.
Each cmdlet requires specific parameters like the username and optionally password or description.
powershell
New-LocalUser -Name "jdoe" -Password (ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force) -FullName "John Doe" -Description "Test user" Set-LocalUser -Name "jdoe" -FullName "Johnathan Doe" -Description "Updated description" Remove-LocalUser -Name "jdoe" Get-LocalUser
Example
This example shows how to create a new user, update their full name, list all users, and then remove the user.
powershell
$password = ConvertTo-SecureString "P@ssw0rd123" -AsPlainText -Force New-LocalUser -Name "alice" -Password $password -FullName "Alice Smith" -Description "Example user" Set-LocalUser -Name "alice" -FullName "Alice B. Smith" -Description "Updated user description" Get-LocalUser | Where-Object Name -eq "alice" | Format-List Name,FullName,Description Remove-LocalUser -Name "alice"
Output
Name : alice
FullName : Alice B. Smith
Description : Updated user description
Common Pitfalls
Common mistakes when managing user accounts in PowerShell include:
- Not converting the password to a secure string using
ConvertTo-SecureString, which causes errors. - Trying to create a user that already exists without checking first.
- Running commands without administrator rights, which are required for user management.
- Forgetting to remove users when no longer needed, cluttering the system.
powershell
try { New-LocalUser -Name "bob" -Password "plainpassword" -FullName "Bob" -Description "Wrong password format" } catch { Write-Output "Error: Password must be a secure string." } # Correct way $password = ConvertTo-SecureString "StrongPass!" -AsPlainText -Force New-LocalUser -Name "bob" -Password $password -FullName "Bob" -Description "Correct password format"
Output
Error: Password must be a secure string.
Quick Reference
| Cmdlet | Purpose | Key Parameter |
|---|---|---|
| New-LocalUser | Create a new local user account | -Name, -Password, -FullName, -Description |
| Set-LocalUser | Modify an existing user account | -Name, -FullName, -Description |
| Remove-LocalUser | Delete a local user account | -Name |
| Get-LocalUser | List all local user accounts | No parameters needed |
Key Takeaways
Use New-LocalUser with a secure string password to create users safely.
Always run user management commands as an administrator.
Check if a user exists before creating to avoid errors.
Use Set-LocalUser to update user details without recreating accounts.
Remove unused users with Remove-LocalUser to keep the system clean.