Managing Windows Local Groups with Net LocalGroup



  • Before PowerShell, net localgroup was the standard mechanism for managing local users on Windows and still remains a simple, effective tool for doing so from the command line. If you ever need to work on extremely old machines without PowerShell, it is also the only way to do so. It is part of the net family of command line Windows utilities.

    It is very important to remember that net user is for managing the local users on the machine where you are running the command. It is not for managing things like Active Directory users.

    Using net user is simple, fast, and straightforward. We will learn best for straightforward examples.

    List Local Groups

    net localgroup
    

    Get Details of Specific Local Group

    net localgroup administrators
    

    Add Local User to a Local Group

    net localgroup administrators sally /add
    

    Add an Active Directory Domain User to a Local Group

    net localgroup administrators mydomain\sally /add 
    

    Create a New Local Group

    net localgroup mynewgroup /add
    

    Delete a Local Group

    net localgroup mynewgroup /delete
    

    The net localgroup command makes local group management exceptionally quick and easy, no matter how you are accessing a system and is a great example of where command line management is often much simpler and faster than a GUI.


    Part of a series on Windows Systems Administration by Scott Alan Miller



  • @scottalanmiller said in Managing Windows Local Groups with Net LocalGroup:

    If you ever need to work on extremely old machines without PowerShell, it is also the only way to do so.

    I truly hope it's almost nobody still having to deal with user management and AD from Windows XP and earlier desktops.

    But if you love using net commands, they work well in PowerShell scripts.



  • @Obsolesce said in Managing Windows Local Groups with Net LocalGroup:

    @scottalanmiller said in Managing Windows Local Groups with Net LocalGroup:

    If you ever need to work on extremely old machines without PowerShell, it is also the only way to do so.

    I truly hope it's almost nobody still having to deal with user management and AD from Windows XP and earlier desktops.

    It's a lot later before PowerShell tools for this existed, that's actually decently recent. It was only a "few" releases of PowerShell ago where these tools did not exist.

    I just tested a fully up to date Windows 7 system and the PS tools do not exist there yet. You can add them, but they are not part of the standard PS tool sets on Windows Vista and 7, and possibly later, that's just what I have on hand to test. If you are in the support space and supporting ad hoc companies, or work in the MSP space, or work with one of customers, it's actually the norm to have PowerShell lack the expecting tooling for many tasks still today. Even on well maintained, fully updated systems.



  • @scottalanmiller said in Managing Windows Local Groups with Net LocalGroup:

    @Obsolesce said in Managing Windows Local Groups with Net LocalGroup:

    @scottalanmiller said in Managing Windows Local Groups with Net LocalGroup:

    If you ever need to work on extremely old machines without PowerShell, it is also the only way to do so.

    I truly hope it's almost nobody still having to deal with user management and AD from Windows XP and earlier desktops.

    It's a lot later before PowerShell tools for this existed, that's actually decently recent. It was only a "few" releases of PowerShell ago where these tools did not exist.

    I just tested a fully up to date Windows 7 system and the PS tools do not exist there yet. You can add them, but they are not part of the standard PS tool sets on Windows Vista and 7, and possibly later, that's just what I have on hand to test. If you are in the support space and supporting ad hoc companies, or work in the MSP space, or work with one of customers, it's actually the norm to have PowerShell lack the expecting tooling for many tasks still today. Even on well maintained, fully updated systems.

    net user doesn't work in that version of PowerShell? Could have sworn i used it in PowerShell way back...



  • @Obsolesce said in Managing Windows Local Groups with Net LocalGroup:

    net user doesn't work in that version of PowerShell? Could have sworn i used it in PowerShell way back...

    net user works in everything, PS, CMD, anything, because it's not part of any of them. It's a separate command line that goes way, way back. It's the alternatives to net user that don't exist until much later.