Network Administration: Net User Command

The Net User command creates or changes user accounts in the Windows Server 2008 environment. This command has many options and therefore uses. To display a user’s information, use this form:

net user username

To update user information, use this form:

net user [username [password | *] [options]] [/domain]

To add a new user, use this form:

net user username [password | *] /add [options] [/domain]

To delete a user, use this form:

net user username /delete [/domain]

Most of the parameters for this command are straightforward. However, the options parameters can have a variety of different settings.

Net User Options Parameters
Options Description
/ACTIVE:{YES | NO} Activates or deactivates the account. If the account is not
active, the user can’t access the server. The default is
YES.
/COMMENT:”text” Provides a descriptive comment about the user’s account
(maximum of 48 characters). Enclose the text in quotation
marks.
/COUNTRYCODE:nnn Uses the operating system country code to implement the
specified language files for a user’s help and error
messages. A value of 0 signifies the default country code.
/EXPIRES:{date | NEVER} Causes the account to expire if date is set. NEVER sets no time
limit on the account. An expiration date is in the form
mm/dd/yy or dd/mm/yy, depending on the country code.
Months can be a number, spelled out, or abbreviated with three
letters. The year can be two or four numbers. Use slashes (/), not
spaces, to separate parts of the date.
/FULLNAME:” name” Is a user’s full name (rather than a username). Enclose
the name in quotation marks.
/HOMEDIR:pathname Sets the path for the user’s home directory. The path
must exist.
/PASSWORDCHG:{YES | NO} Specifies whether users can change their own passwords. The
default is YES.
/PASSWORDREQ:{YES | NO} Specifies whether a user account must have a password. The
default is YES.
/PROFILEPATH[:path] Sets a path for the user’s logon profile.
/SCRIPTPATH:pathname Is the location of the user’s logon script.
/TIMES:{times | ALL} Is the logon hours. TIMES is expressed as
day[-day][,day[-day]],time[-time]
[,time[-time]], limited to 1-hour increments. Days
can be spelled out or abbreviated. Hours can be 12- or 24-hour
notation. For 12-hour notation, use am or pm (without periods) or
a.m. or p.m. ALL means a user can always log on, and a blank value
means a user can never log on. Separate day and time entries with a
comma, and separate multiple day and time entries with a
semicolon.
/USERCOMMENT:”text” Lets an administrator add or change the User Comment for the
account.
/WORKSTATIONS: Lists as many as eight computers from which a user
{ComputerName[,…] | *} can log on to the network. If
/WORKSTATIONS has no list or if the list is *, the user can log on
from any computer.

To display information for a particular user, use the command like this:

C:>net user Doug

To add a user account for Theodore Cleaver with the username Beaver, use this command:

C:>net user Beaver /add /fullname:"Theodore Cleaver"