, то она не будет отображаться во время загрузки системы и даже в аплете «Учетные записи пользователей».

Если запустить команду net user без параметров, то можно увидеть, что кроме пользователя, создание которого производилось из командной строки, есть, и… УчетнаяЗапись Администратор и Гость. К сожалению, данная команда не показывает, какая активирована, а какая нет. Стоит помнить, что встроенные системные Учетные_Записи Администратор и Гость нельзя удалить посредством команды net user Администратор /delete. Их можно только отключить:

Стоит помнить, что данные учетные записи могут иметь и другие названия (Administrator, admin…). А теперь самое интересное, если вы счастливый обладатель XP, ну например SP3 (полагаю, что многое зависит еще и от сборки), то при установке операционной системы, Учетная_Запись «Администратор» остается включенной, более, она не отображается при входе в систему. В интернете есть видео под громким названием «Обходим пароль администратора», так вот, там при входе в систему (при появлении окна приветствия) достаточно было ввести комбинацию CTRL+Alt+DEL (дважды), в появившемся окне ввести Administrator и Enter, вы попадете в систему да еще и с правами администратора! Понятно, что если учетная запись не имеет пароля, и активна, то ничто не мешает попасть в середину. Для любознательных, можно открыть Панель управления/ Администрирование/ Управление компьютером и аналогично посмотреть, какие учетные записи есть и какие активны. Но, если вы счастливый обладатель Семерки, то тут трюк с CTRL+Alt+DEL уже не пройдет, поскольку Администратор отключен.

Но, создав пользователя из командной строки посредством утилиты net user, он автоматически будет зачислен в группу пользователи, что не есть хорошо, особенно, если мы хотим под этим аккаунтом творить свои темные делишки.

И так, следующая команда net localgroup позволяет просматривать имеющиеся в системе группы и добавить нового пользователя из CMD (командной строки) в ту или иную группу. Проделав аналогичные действия, мы увидим, что групп не две как предполагалось (Администраторы и Гости), а значительно больше.

Ладно, добавим NewUser в группу администраторы:

После выполнения данной команды наш новоиспеченный NewUser будет состоять в двух группах – Администраторы и пользователи (при желании можно его и в остальные группы добавить). Удаление пользователя из группы происходит с использованием параметра /delet. Например:

Тут стоит обратить внимание на Семерку, тут есть порой очень раздражающий механизм UAC – контроль учетных записей. При попытке что-то установить или изменить в системе, он предлагает вариант разрешить или нет. Иногда этот механизм не позволяет установить игру или программный пакет (стоит помнить, что некоторые функции CMD работают лишь в том случае, например, создание пользователя из командной строки, если ее запустить от имени администратора), в таком случае можно попробовать активировать встроенную системную запись Администратор и уже под ней произвести нужные действия. НО. После, ее надо или снова отключить, или же поставить пароль, от греха подальше.

Спасибо за внимание. Автор блога Владимир Баталий

Add new user account from command line (CMD)

Some times we may want to add new users from command line instead of using the UI. For example, if we have to add some 100 users, using a script will save lot of time and manual effort. Windows provides net user command for this purpose. This command works on Windows 2000, Windows XP/2003, Vista and Windows 7.

To add a new user account on the local computer:

Example: To add a new user account with the loginid John and with password fadf24as

Hide password

If you do not want the password to be visible while adding new user account, you can use ‘*’ as shown below.

To add a new user account to the domain:

Note that the command does not include the domain name.

Rename a user account

Net use command does not have any switches to rename a user account. But we can do that using wmic commands. Please check this – Rename user accounts on Windows

Few more Advanced uses of net user command.

To set user full name while creating the user account

To allow user to change password:

To restrict user not to change the password:

To set account expiry time we can use /EXPIRES switch. This can also be used to set that the account never expires.

To specify if the user must have a password set we can use /PASSWORDREQ switch. For more information on all net user options, read this – Net user command: syntax and examples

How to create a new administrator account?

An administrator account can’t be created directly. We first need to create a user account and then add the user to the administrators group.

Errors:

1. If you don’t have privileges to add new user account to the system, you would get an error like below.
2. While adding user to domain, make sure that your computer is connected to the domain. Otherwise it throws up below error.

Related Posts:

Possibly the most in-depth article about adding and deleting users by far. Thank you.

Is there a command/script to create a user in multiple servers at a time, also give him a mandatory chance to change his login password once he logs in the next time, in Windows Server 2003 OS?

You need to run your script on each of the servers. To make it mandatory to change the password, you can use the switch /LOGONPASSWORDCHG.
Command is:
net user loginname password /add /LOGONPASSWORDCHG:yes

Thanks for sharing this. I need to write a batch file to create users through command line. Your tip has helped me. This site is very useful for command prompt users on windows.

Is it possible to create a new user account without specifying a password?

I’m not aware of a way to create user acounts without a password and I wouldn’t recommend it. However I would suggest you could use a randomly generated string to use as the password when the account is created. Or how about the current system time using %time%. For example:
net user loginname %time% /add

It may not work if your password policy is more restrictive.

It is possible
Just type:
Net user Username /ADD

tried this tell’s me it worked then i go switch user and Nothing

thats because you need to login to your account say you had 2 accounts 1 admin the other not you would create the new account dosnt show login to the non admin 1 the lock it u will the find it by pressing swithch user

iam having a username as the member of administrator group. but while using to add a user acc in command prompt it shows the error as system error 5 has occured access denied.

can anyone help this

Are you doing it from elevated administrator command prompt?

Thanks a lot. Simple and solves the purpose immediately.

I am using the /EXPIRES:NEVER switch on the end of the command, however the Never Expires checkbow is not ticked when i check the properties

/Expires switch is for the account but not for the password. /Expires:Never actually sets your a/c not to expire, but not for the password.

Why does mine says access is denied?

Make sure that you have administrator privileges to add new user account.

is it possible to create a user from command promt with normal user

No. Only users with admin privileges can add new users.

Can you please tell me. How to create bulk user in local machine user name & password with Never EXPIRES ..

You can use for loop and create user accounts in bulk.
Check this: For loop examples

wmic path Win32_UserAccount WHERE Name=’PUT_USER_NAME_HERE’ set PasswordExpires=false

Thanks for this article! You have saved me!!
Ciao from Italy

Hey, sorry to ask but how do i get past the System Error 5?

I am on the only Admin account on my lapyop, but it still only says that whenever i try to change anythimg abouy accounts.

Hey, did you tried to lunch command promt: right-click>run as administrator?

You need to check the reply given by admin:
*********************
admin August 27, 2012 at 7:29 am

Are you doing it from elevated administrator command prompt?
************************************************
For elevated command prompt , the below link might be helpful to you
http://www.windows-commandline.com/elevated-command-prompt/

How do I create a local user account on a Domain server? Is there a command that I can use? There is no facility to add a local account on a Domain machine. Please assist

This scenario well describes my issue. How can I get admin. privileges using the embedded Administrator?

An administrator account can’t be created directly. We first need to create a user account and then add the user to the administrators group.

If you don’t have privileges to add new user account to the system, you would get an error like below.
C:\>net user John /add
System error 5 has occurred.
Access is denied.
C:\>

I followed the instructions for command prompt. Keep getting the message: “is not recognized as an internal or external command, operable program or batch file”
I do not have the right click option on command. Have to type Command Prompt in search to to open, then type in the command line which gives me the above posted result.

Hold CTrl and shift together then click on cmd icon after you search it .
This should open as admin.
Fixes your right click problem .

How do you get rid of “system error 5 has occurred” and make me to be able to use commands

Niels, please read the comments, this question was answered 5 times already – hint: elevated privileges.

Command ran successfully – But user directory structure is not there.

For example, under Documents and Settings there is not a directory of the new users Name.

Does the user have to login once for that to be created ?

Yes, account must be logged into to make default profile for user.

My Windows could not start up normally.
And with recovery I needed to login with an user account. But Windows did not see my one account. (that account have administrator access). So what I have done. Next: rebooted my pc into safe mode with cmd
In cmd I made an new administrator account.
Using this cmd code: net username password /ADD
Then i rebooted my pc into advanced recovery. Where I used the option:
Bring Windows back to a restore point.
And logged in with the account I made in cmd.

This helped for me

for creating the user id in local server below is the commend

net user arul “[email protected]″ /ADD /FULLNAME:”James areul” /comment:”server support enginer” /LOGONPASSWORDCHG:yes

I know that you need to be an administrator to run the commands.If you don’t have privileges , you would get an error like below.
System error 5 has occurred.
Access is denied.

I want to query the groups of the user remotely.
net user John /domain
I am able to run this command when i run it via rdp.
But when the same is done via powershell with the administrator, it still gives me a Access is denied error.
How can i resolve this ?

Thanks to your answer. I am also need how to create admin user account with password using CMD-line. Note that when I create it, the password must hidden when I write the password.
Thank you for Your Help me.

Added command in the post to hide the password. Check this out.
Adding admin account is done in two steps, first add user account and then give admin privileges to the account.

But can you add a Microsoft Account with command com?

Useful information here. Keep it up.

Is it possible to use this command to create a user on another machine other than the one you’re actually on when machines are in a workgroup and not on a domain?

Hello Andrew, looking at the syntax the ‘net user’ command supports, I do not think that it can handle workgroup scenario. I would suggest you to try psexec tool by Microsoft.

This was very helpful. 🙂

I came across this article and wondered if maybe you could help. I created a local account for my son on my laptop but I cannot open it every time I try it says logging out. So I tried creating his account as set up in your article and it’s still doing the same I had windows 8 then 8.1 and now 10 and since I updated to 10 I have not been able to access his account I have deleted and added it several times each a different way with no success on any of them. Every thing is up to date and I even ran some kind of system check on it any advice?

In my laptop, I forget the password. How can I set a new user through cmd in safe mode and how I retrieve the data which has been saved in Old User.

I recently bought a laptop that automatically logs in on start up to the standard account, but also has an admin account. Log off and Switch Users don’t allow me to change accounts, it just logs right back in to the standard user account. Tried using runas /user:USername cmd to try and enable elevated privileges, but password is not being accepted. Any ideas?

How long until the commands that create a new domain user and the one that adds it to the domain admins group will take. Iam required to know but I dont have an access to a network to test it.

The commands should finish in few seconds.

Do you know if it is possible to create a small script that would create a standard user with the name taken from the PC-NAME?

I am thinking I would need to use the equivalent of grep for windows? I would need to check to see if there was a command to show computer name, maybe output it to a file and then pull the information from it?

Anyone come across anything like this?

Can you please assist. I was adding an new user on cmd and I did a mistake I only included the username not the password like this “net user (username) /ADD”. then when I try to log in it needs the password while I didn’t set it, and now I’m in trouble please help.

Can you please assist. I have been created a new user my leptop using cmd and I did not included the password like this ” net user ( username ) / ADD “. then when I try to log in to the user it needs password while I didn’t set it.

Does it create a account with admin permissions or standard account permissions…

Newly created user gets automatically deleted on restart, created in cmd access from advanced startup f8.
Is windows 8 very stupid, or am i doing anything wrong?

This works but when you add it in the administrators group. It wont be like a “real admin” account. When you launch cmd it wont start “as admin”

Test comment from Giri 1

Good afternoon! I’ve seen that it is possible to create a user for a certain domain by cmd, but wanted to know if you have how to enter the user soon in a domain group, is it possible?