Command Line Techniques for Managing Domain User Accounts and Groups

Maria L

Managing domain user accounts and groups through PowerShell and Command Prompt is a powerful way to automate and streamline tasks related to user account management in an Active Directory environment. By using these tools, administrators can create, modify, and delete user accounts and groups, as well as perform other tasks such as setting passwords, enabling or disabling accounts, and managing group membership.

One of the most common tasks when working with user accounts and groups is creating new user accounts. This can be done using the net user command in Command Prompt or the New-ADUser cmdlet in PowerShell. For example, to create a new user account called “JohnDoe” with the password “P@ssw0rd” in the “Marketing” OU in the domain, you would use the following command in Command Prompt:

net user JohnDoe P@ssw0rd /add /domain


In PowerShell, you would use the following command:

New-ADUser -Name "JohnDoe" -AccountPassword (ConvertTo-SecureString -AsPlainText "P@ssw0rd" -Force) -Enabled $true -Path "OU=Marketing,DC=example,DC=com"


Another common task is modifying existing user accounts. This can be done using the net user command in Command Prompt or the Set-ADUser cmdlet in PowerShell. For example, to change the password of the “JohnDoe” account to “P@ssw0rd1”, you would use the following command in Command Prompt:

net user JohnDoe P@ssw0rd1


In PowerShell, you would use the following command:

Set-ADAccountPassword -Identity "JohnDoe" -NewPassword (ConvertTo-SecureString -AsPlainText "P@ssw0rd1" -Force)


Similarly, to disable the account of “JohnDoe”, you would use the following command in Command Prompt:

net user JohnDoe /active:no


In PowerShell, you would use the following command:

Disable-ADAccount -Identity "JohnDoe"


Managing groups also can be done using PowerShell and Command Prompt. To create a new group called “Marketing” in the “Marketing” OU in the domain, you would use the following command in Command Prompt:

net localgroup Marketing /add /domain


In PowerShell, you would use the following command:

New-ADGroup -Name "Marketing" -GroupScope Global -Path "OU=Marketing,DC=example,DC=com"


To add a user to a group, you would use the following command in Command Prompt:

net localgroup Marketing JohnDoe /add /domain


In PowerShell, you would use the following command:

Add-ADGroupMember -Identity "Marketing" -Members "JohnDoe"


It’s important to note that the above commands are just examples and may require adjustments depending on the specific environment and requirements. Additionally, it’s recommended to always test these commands on a test environment before applying them to a production environment.

Managing domain user accounts and groups through PowerShell and Command Prompt is a powerful way to automate and streamline tasks related to user account management in an Active Directory environment. By using commands such as net user, `New-ADUser.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Copyright Kommands.com © All right reserved