Creating a user through the windows 7 command line. Working with a local account in Windows. Other options for working with accounts

If you've read the site's articles in order (with the Reference book in mind), you've probably noticed that so far we've only briefly mentioned the Administrator account in the Response File Settings article. And after articles on installing applications, you probably have a question: how to organize automatic login so that the software is installed automatically after the OS and can this be done not under the Administrator account? This article aims to answer this question: you will learn how to set up automatic login, as well as create new and rename built-in accounts. Let's start by creating accounts.

Adding accounts

There are two ways to add accounts, and we'll cover both.

OOBEINFO.INI method

Note: the method only works for Windows XP/2003

Using this method, you simply automate the process of creating users, which is usually done manually in one of the graphic stages. Windows installation- mini setup.

Let's get started. Open Notepad and copy there following lines:


Identity000="Vadikan"
Identity001="Alex"

The username is enclosed in quotation marks; substitute yours. If you only need one user, then delete the second one. If you need more users, then add rows, increasing the number by one. This method allows you to create no more than six accounts (up to Identity005). Please note that all users will be included in the Administrators group.

When finished, save the file as oobeinfo.ini in the $OEM$\$$\System32\oobe directory. As you can see, everything is very simple.

NET USER method

This method has been described in previous version site. It is more versatile, because. works on all NT platforms and allows you to create as many accounts as you like by placing them in different groups.

We will be creating accounts during the graphical phase of Windows Setup. For this we will use the file cmdlines.txt(more about cmdlines.txt in the relevant article). From it we will execute batch file useraccounts.cmd A that contains the commands needed to create accounts.

If you haven't created a file yet cmdlines.txt, then open Notepad and copy the following text there


"useraccounts.cmd"

Save the file as cmdlines.txt in the C:\XPCD\$OEM$\ directory.

Now we need to create useraccounts.cmd. Copy the following text into Notepad:

net user Vadikan asdf1234 /add
net localgroup Administrators Vadikan /add

net accounts /maxpwage:unlimited
EXIT

Let's look at the commands in order.

  • net user Vadikan asdf1234 /add - creates a Vadikan user with password asdf1234
  • net localgroup Administrators Vadikan /add - adds the Vadikan user to the Administrators group
  • net localgroup Users Vadikan /delete - removes the Vadikan user from the Users group (the user is automatically added to it when creating
  • net accounts /maxpwage:unlimited - avoids password expiration (14 days)

For an account placed in the Administrators group, a password is required. Change the username and password to your liking and save the file as useraccounts.cmd in the C:\XPCD\$OEM$\ directory. Similarly, you can add other users to desired groups using the same file useraccounts.cmd and the net user and net localgroup commands

Attention: in the localized Russian version, the Administrators group is called Administrators, and Users - Users. Therefore, you need to make the appropriate changes and save the file in OEM encoding (DOS 866). Notepad does not support this encoding, and another editor is needed (there is a list of them in the FAQ .

Another point to note is that if you want to create a user whose name contains spaces (for example, Super Vadikan), then you must enclose such a name in quotation marks:

net user "Super Vadikan" asdf1234 /add Combined method

After learning both methods, you might be wondering how to create accounts using the OOBEINFO.INI method, but make only one of them Administrator. In principle, this is possible. Pay attention to the file useraccounts.cmd, which used the net user command in combination with the /add option to add accounts. The /delete option is used to delete accounts. In my example, I created Vadikan and Alex accounts. Let's say I want to move Alex from administrators to regular users. First, remove it from Administrators, and then add it to Users:

net localgroup Administrators "Alex" /delete
net localgroup Users "Alex" /add

These commands can be added to any batch file that will be executed on first login.

We will assume that we figured out the addition of users. If you want to automatically install applications at the end of the OS installation, then you need to organize automatic login under the desired user. Let's get on with it.

Automatic login

As usual, we will consider several options. Let's start with the simplest: all you need is to set up automatic login for the built-in Administrator account.

Built-in Administrator account

If you're not interested in other accounts (which I highly doubt;) then the easiest way is to use a response file to automatically log in to the built-in Administrator account. In the answer file ( winnt.sif) you should have the following lines:


AdminPassword="mypassword"
EncryptedAdminPassword=No
AutoLogon=Yes
AutoLogonCount=2

In order, they mean the following: administrator password, is the administrator password encrypted (can be encrypted using Setup Manager, automatic login, number of automatic logins (in Windows 2000, the maximum number of automatic logins is 2).

All that is required of you is to substitute your password and set the desired number of automatic logins. All.

Other accounts

To tell the truth, the methods described below are quite applicable to the built-in Administrator account. By the way, I recommend that you read the MS KB article Automating Windows Logon before proceeding with this section.

So we want to import auto logon for the newly created user. You can automate the process of making changes to the registry in various ways. We will look at importing from a *.REG file with the REGEDIT command, as well as the REG ADD command.

In the first edition of the article, only the *.REG file was considered, but several people had problems with importing, the nature of which remained unclear (in general, REGEDIT should work on the T-12). REG ADD solved the problem.

Import from *.REG file using REGEDIT command

We will create a file autologon.reg, containing the registry settings necessary for autologon, and then organize the import of data with the REGEDIT command from useraccounts.cmd. Copy the following lines into Notepad

Windows Registry Editor Version 5.00


"DefaultUserName"="Vadikan"
"DefaultPassword"="asdf1234"
"AutoAdminLogon"="1"
"AutoLogonCount"=dword:00000001

The AutoLogonCount parameter specifies the number of automatic logons (one in this case). Clear this option if you want to log in automatically all the time. Substitute your username and password, and then save the text as autologon.reg in the C:\XPCD\$OEM$\ directory.

You should now have three files in your $OEM$ directory: cmdlines.txt, useraccounts.cmd And autologon.reg. Now you need to enter useraccounts.cmd command to import our registry settings. I think that you have already guessed how to do it - you just need to add the line

REGEDIT /S autologon.reg

This will import the automatic login settings into the registry.

REG ADD command

Basically, REG ADD does the same as REGEDIT /S - imports desired parameters to the register. In this case, we do not need any additional files, and we will simply enter the commands directly into useraccounts.cmd:

REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V DefaultUserName /t REG_SZ /D "Vadikan" /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V DefaultPassword /t REG_SZ /D asdf1234 /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V AutoAdminLogon /t REG_SZ /D 1 /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V AutoLogonCount /t REG_DWORD /D 1 /f

Remove the last line if you want to log in automatically all the time. Substitute your username and password, and then add the resulting lines to useraccounts.cmd.

Important note! When arranging automatic login for other accounts, you need to make sure that the section in winnt.sif contains only two lines related to the Administrator account:

AdminPassword=*
EncryptedAdminPassword=No

Remove everything else (such as AutoLogon or AutoLogonCount ). Replace the asterisk in AdminPassword with a password if you want to protect the Administrator account from unauthorized access.

It must be remembered that everything that you specify in winnt.sif(eg AdminPassword ) does not affect the Vadikan account described on this page. This only affects the built-in Administrator account.

Attention! Automatic login options specified in the file svcpack.inf, do not work. Use the other methods described in this article.

If you did everything correctly, then during the installation of Windows at stage T-12, the file useraccounts.cmd will be launched from cmdlines.txt.

Other options for working with accounts.

This section is optional, but there may be situations in which the information below is useful to you.

Renaming built-in accounts

It is not necessary to rename built-in accounts, but some do it for security reasons (an attacker will have to guess not only the password, but also the account name), or just for convenience (Administrator is too long a name, especially for those who often have to enter it). It is possible to change the default usernames used in XP (Administrator , Guest for the localized version, or Administrator and Guest for other versions). This can be done both from the command line and by changing one file in the distribution.

Renaming accounts from the command line

There are two tiny utilities - renuser.exe (10 kb) and netuser.exe (20 kb), with the help of any of which you can solve the problem with one command. The utility must be placed in $OEM$\$$\system32\ and on the T-12 execute the command, for example, from the file cmdlines.txt.

"renuser Administrator NewName" "NetUser Administrator /name:NewName"

The examples above rename the Administrator account.

Changing the defltwk.inf file

You can specify your own names for built-in accounts by editing the defltwk.inf file contained in the distribution in compressed form. It's done like this (thanks, ):

  • Finding a file i386\DEFLTWK.IN_ torName=
  • We remove the comment before the name we want to change (remove the ";") and set new values ​​after equal in quotes, for example. NewGuestName = "Type_guest"
    NewAdministra torName = "like_admin"
  • * - There is a typo in Microsoft's default administrator name option, don't forget to add the letter "r" between the letters "t" and "a" (highlighted in the example).
  • Save changes
  • We pack it back using the MAKECAB.EXE program (recommended) or put the unpacked file in the i386\ folder, after deleting the original from there ( DEFLTWK.IN_)
    • Add accounts interactively

    Sometimes you need to quickly add an account or even do it on the T-12, and it is not known in advance what name and password the user needs and in which group to place him. To do this, you can use the program (download (173 kb),), which was made by a participant in the Oszone conference.

    The program adds a user (using net user), changes the computer name (ComputerName parameter), user name (RegisteredOwner parameter), prescribes autologon (AutoAdminLogon parameter) or simply makes the default user name (DefaultUserName parameter), and can also prescribe a command in RunOnceEx , understands any paths (local, UNC, global, variables).

    A program similar in functionality has recently made its way onto MSFN - .

    Conclusion

    As you can see, accounts are a fairly large and important autoinstall topic. However, in fact, it turns out to be very simple, if you understand the mechanisms for creating accounts and autologon. There are various options for solving problems, as well as built-in windows commands and utilities that will help with this.

    In addition to the above methods, user accounts can be created, modified, and deleted using the command line. To do this, follow these steps:

      Run command line on behalf of the administrator;

      To create an account using the command line, use the command net user.

    The net user command is used to add users, set passwords, disable accounts, set options, and remove accounts. Running the command without command-line options displays a list of user accounts that are present on the computer. User account information is stored in the user account database.

    Command example:

    net user User /add /passwordreq:yes /times:monday-friday,9am-6pm/fullname:"New user"

    Used parameters:

    /add - this parameter indicates that a new account needs to be created;

    /passwordreq - this parameter is responsible for ensuring that the user changes his password when he first logs into the system;

    /times - This setting determines how many times the user is allowed to log in. Here you can specify both single days and whole ranges (for example, Sa or M-F). Both 24-hour and 12-hour formats are allowed for time indication;

    /fullname - this parameter is identical to the "Full name" field when creating a user using the previous methods.

  • Creating user accounts for computers in a domain

    • In the server operating room Windows system Server in an Active Directory domain, user accounts can be created in six ways:

      Creating Users Using Active Directory Users and Computers

      Creating users using the net user command line

      Importing users using the CSVDE command

      Importing Users Using the LDIFDE Command

      Create users with Windows PowerShell

      Creating Users with VBScript

    Conclusion. Questions about user accounts are briefly considered. A user account is a record that contains information necessary to identify a user when connecting to the system, as well as information for authorization and accounting. Methods for creating local user accounts and domain users were discussed. Real exercises and tasks are considered in laboratory work No. 3 and in practical lesson No. 2.

    Lecture 4 Protecting files and shared folders .

    Permissions file system when accessing resources

    Protecting files and shared folders

    The topic of information security is more popular today than ever. IT professionals draw knowledge from everywhere: from special articles in the magazine and even from daily mailings on e-mail. Most technical means protect the resources of the organization from outside interference.

    But it is often necessary to share access to information within the enterprise itself. Just imagine what problems could arise if all employees had access to the personal records of their colleagues.

    The Windows NTFS file system and its shared folder permissions are specifically designed to protect the contents of folders. public access from both internal and external leaks. Let's look at how to correctly assign NTFS permissions and manage access to shared folders and files.

    File access control

    Most users share files in the public domain for some employees of their company. To do this, you need to: 1. Click right click on the folder containing the files you want to share. 2. Select Sharing And Security from the drop-down menu. 3. In the folder properties dialog box, go to the Sharing tab and select the Share This Folder command

    1. Enter a name for the folder in the Share Name field. 2. Optionally, you can add a few explanatory words in the Comment column (Description). 3. Click OK.

    It must be remembered that the default permissions grant access to the contents of directories to all users (the Everyone group). Therefore, they must be limited.

    Also, in order to assign different permissions for different users, you need to disable the active default Windows option Simple File Sharing: 1. Open windows explorer explorer. 2. Go to the Tools menu. 3. Select Folder Options. 4. Click the View tab. 5. In the Advanced Settings window, uncheck the Use Simple File Sharing (Recommended) | Use simple file sharing (recommended). 6. Click OK.

    To disable permission for Everyone (Everyone) and set the access level for each user individually: 1. Right-click on the required folder. 2. From the drop-down menu, select Sharing And Security. 3. Click on the Permissions button. The Permissions For... dialog box opens.

    Image B. Setting access permissions on the Share Permissions tab of the Permissions For... dialog box.

    4. Select object Everyone (All) in the list of the presented groups or users. 5. Click the Remove button. 6. Click the Add button. The Select Users Or Groups dialog box opens (Select: User or Group 7. In the Enter The Object Names To Select box, select the users or groups for which you want to set access permissions, and click OK. 8. On the Group panel Or User Names (Groups or users) select the objects for which the access permissions will be configured: you can allow or deny (Allow or Deny) Full Control (Full Control), Reading (Change) and Changing (Read) the information in the folder. Click OK to apply the changes and close the dialog box, click OK to exit the folder properties window.

    Powers full access(Full Control) allow users or groups to read, modify, delete, and run the files contained in the folder. In addition, such users can create and delete new subfolders in this directory.

    Users who have the right to change information in the folder (Change) can view and modify the files in the folder, create their own files and folders in it, and run the programs located in it for execution.

    Users and groups with Read permissions are only allowed to view files stored in the directory and run programs. For information on Windows disks XP formatted as file NTFS system, you can set additional permissions. NTFS permissions (NTFS file system permissions) NTFS permissions in Windows environment provide an additional set of options that can be configured for each individual file or folder. First you need to make sure that the Windows settings allow you to work with the NTFS file system: 1. Click Start (Start). 2. Select the Run command. 3. Enter compmgmt.msc in the line and click OK. The Computer Management console opens. 4. Go to the Disk Management object on the Storage tab to find out what type of file system is used on each disk. If the disk or one of its partitions is not formatted in NTFS, this can be fixed by entering convert X: /fs:ntfs, replacing X with the letter of the desired disk or partition. The convert command will change the current disk file system to NTFS without destroying the data stored on it. However, before running the command, it is better to do backup disk contents. To set up NTFS permissions: 1. Click on desired file or folder. 2. From context menu select Properties. 3. Click the Security tab. 4. Use the Add/Remove buttons to add or remove users and groups for which you want to configure NTFS access permissions. 5. Select the desired object from the Group Or User Names window and assign/deny permissions by checking or unchecking the appropriate boxes in the Permissions For window, as shown in image D. 6. Click OK to save the changes.

    Image D NTFS permissions are more configurable than Simple Sharing.

    Note that, by default, subdirectories inherit the properties of their root directories. To change this, click on the Advanced button on the Security tab of the Properties dialog box. Types of NTFS permissions: Full Control (Full control) - allows users and groups to perform any operations with the contents of the folder, including viewing files and subdirectories, launching application files, managing the list of folder contents, reading and running executable files, changing the attributes of files and folders, creating new files, adding data to files, deleting files and subdirectories, and changing file and folder permissions. Modify - Allows users and groups to view files and subdirectories, run application executables, manage the list of folder contents, view folder options, change folder and file attributes, create new files and subdirectories, add data to files, and delete files. Read & Execute - Allows users and groups to list files and subdirectories, run executable files applications, view the contents of files, and change the attributes of files and folders. List Folder Contents - Allows users and groups to navigate through directories, work with a list of folder contents, and view file and folder attributes. Read - Allows users and groups to view folder contents, read files, and view file and folder attributes. Write (Record) - Allows users and groups to change the attributes of files and folders, create new folders and files, and change and supplement the contents of files. To determine a user's final permissions, subtract from the NTFS permissions granted to him directly (or as a member of a group) any individual denials (or denials he received as a member of a group). For example, if a user has Full Control on a given folder, but is also a member of a group that is not allowed Full Control, then the user will not have Full Control as a result. If a user's access level is restricted by Read & Execute and List Folder Contents in the same group, while being denied access at the List Folder Contents level, the result is NTFS permissions will be limited to the Read & Execute level only. For this reason, administrators should approach prohibitions with extreme caution, since prohibited functions take precedence over those allowed for the same user or group. Windows XP provides a handy utility for confirming the current permissions of a user or group: 1. Open the properties dialog box for the desired file or folder (Properties). 2. Click the Security tab. 3. Click the Advanced button. The Advanced Security Settings For dialog box opens. 4. Click the Effective Permissions tab. (Picture E) 5. Press the Select button. 6. The Select User Or Group dialog box will open. 7. In the Enter The Object Name To Select field, enter the name of the user or group whose authority you want to verify and click OK. 8. The Advanced Security Settings For dialog box will display the final set of NTFS permissions for the selected user or group.

    Figure E The Effective Permissions tab makes it easy to determine what permissions a user or group actually has.

    Combining NTFS Permissions with Sharing Permissions

    To determine the final permissions of a particular user, compare the final sharing permissions with the final NTFS permissions. Remember that access restrictions will take precedence over permissions.

    For example, if a user's total NTFS permissions are limited to the Read and Execute level, and the total shared permissions are to Full Control, the system will not grant that user valid full permissions, but will choose the highest priority level, in this case, it is the NTFS permission to read and execute.

    It is always important to remember that the resulting rights restrictions take precedence over the resulting permissions. This is a very important point that is easily forgotten, after which it gives users a lot of trouble. Therefore, carefully consider the allow/deny ratios of NTFS permissions and sharing.

    English version: techrepublic.com.com

    Copying an article is allowed only if an explicit hyperlink to the winblog.ru website is specified as the source of the Russian version. )

    Good time, readers. Today, once again, I had to climb into the search for the necessary help. Often you have to help Windows users directly from the user account, and there are no tools at hand, except for the built-in Windows Command cmd.exe lines. When working under a restricted account, you often have to perform some task with elevated Administrator rights. cmd for these tasks is the most suitable tool so as not to enter the administrator password many times, it is enough to run the command prompt once as an administrator and perform the necessary actions to run the necessary commands, which I will describe below:

    appwiz.cpl - Add/Remove Programs
    certmgr.msc - Certificates
    ciаdv.msc - Indexing Service
    cliconfg - SQL network client program
    clipbrd - Clipboard
    compmgmt.msc - Computer Management
    dcomcnfg - DCOM component management console
    ddeshare - DDE shares (does not work on Win7)
    desk.cpl - Screen Properties
    devmgmt.msc - Device Manager
    dfrg.msc - Disk defragmenter
    diskmgmt.msc - Disk Management
    drwtsn32 - Dr. Watson
    dxdiag - DirectX Diagnostic Service
    eudcedit - Personal character editor
    eventvwr.msc - Event Viewer
    firewall.cpl - Windows firewall settings
    gpedit.msc - Group Policy
    iexpress - IExpress (don't know what it is)
    fsmgmt.msc - Shared folders
    fsquirt - Bluetooth File Transfer Wizard
    chkdsk - Check disks (usually run with parameters drive letter: /f /x /r)
    control printers - Printers and Faxes - does not always start
    control admintools - Computer administration - does not always start
    control schedtasks - Scheduled tasks (scheduler)
    control userpasswords2 - Manage accounts
    compmgmt.msc - Computer Management ( compmgmt.msc /computer=pc - remote control computer pc)
    lusrmgr.msc- Local Users and groups
    mmc - create your own equipment
    mrt.exe - Malicious Software Removal
    msconfig - System configuration (autostart, services, etc...)
    mstsc - Remote Desktop Connection
    ncpa.cpl - Network connections
    ntmsmgr.msc - Removable storage
    ntmsoprq.msc - Requests for removable RAM operators (for XP)
    odbccp32.cpl - Data Source Administrator
    perfmon.msc - Performance
    regedit - Registry editor
    rsop.msc - Resulting policy
    secpol.msc - Local security settings ( Local Policy security)
    services.msc - Services
    sfc /scannow - Recovery system files
    sigverif - Check file signature
    sndvol - volume control
    sysdm.cpl - System Properties
    sysedit - System file editor (don't know what it is)
    syskey - Account database protection
    taskmgr - Task Manager
    utilman Utility Manager
    verifier Driver verification manager
    wmimgmt.msc - WMI Management Infrastructure

    This list is basically GUI extensions. Below I will highlight console commands in a separate list.

    You can also run applications in the control panel with administrator rights by right-clicking the mouse while holding the Shift key. And select Run as. (RunAs...) (relevant for Win XP).

    List of console commands:

    nbtstat -a pc - username of the remote machine pc
    net localgroup group user /add - Add user user to group group
    net localgroup group user /delete - Remove a user from a group
    net send pc ""text" " - send a message to the user of the pc computer
    net sessions - list of users
    net session /delete - closes all network sessions
    net use l: \\computer name\folder\ - connect network drive l: folder on the remote computer
    net user name /active:no - block the user
    net user name /active:yes - unblock the user
    net user name /domain - information about the domain user
    net user Name /add - add a user
    net user Name /delete - delete a user
    netstat -a - list all connections to the computer
    reg add - Add a parameter to the registry
    reg compare - Compare parts of the registry.
    reg copy - Copies from one section to another
    reg delete - Deletes the specified parameter or section
    reg export - Export part of the registry
    reg import - Respectively import part of the registry
    reg load - Loads the selected part of the registry
    reg query - Displays the values ​​of a given registry branch
    reg restore - Restores the selected part of the registry from a file
    reg save - Saves the selected part of the registry
    reg unload - Unloads the selected part of the registry
    shutdown - shutdown a computer, you can remotely turn off another one.
    SystemInfo /s machine - Shows a lot of useful information about the remote machine

    Here is a help on the wonderful net program, more precisely on its work with users: net user. Sometimes, for example, you need to activate a guest or administrator account in Windows 10 on a client PC. Then short and easy to remember windows net user Guest /active:yes can be more convenient than other ways:

    The syntax for this command is:

    NET USER
    [username [password | *] [options]]
    username (password | *) /ADD [options]
    Username
    Username

    The NET USER command allows you to create and modify user accounts on computers. Running the command without parameters displays a list of user accounts this computer. User account information is stored in the user account database.

    • username - The name of the user account to be added, removed, modified, or viewed. The user account name cannot be longer than 20 characters.
    • password - Assigns or changes a user account password. The password length must not be less than the minimum allowed value specified by the /MINPWLEN option NET commands ACCOUNTS. In addition, the length of the password must not exceed 14 characters.
    • * - Show password prompt. When entering a password at this prompt, it is not displayed on the screen.
    • /DOMAIN - The operation is performed on the current domain controller.
    • /ADD - Adds a user account to the user account database.
    • /DELETE - Deletes a user account from the account database
    • users.

    Description of parameters:

    • /ACTIVE:(YES | NO) - Activates or deactivates an account. If the account is inactive, the user will not be able to access the server. Default value: YES (account is active).
    • /COMMENT:"text" - Allows you to add a description of the user account. The text must be enclosed in quotation marks.
    • /COUNTRYCODE:nnn - Use country code operating system to include the appropriate language files when displaying user help and error messages. The value "0" is the default country code.
    • /EXPIRES:(date | NEVER) - Expiration date for the account. The value NEVER means the account will never expire. The account expiration date should be in the format mm/dd/yy(yy). The month is indicated by a number or name (full or abbreviated to three letters). The year is indicated by two or four digits. A forward slash (/) is used to separate date elements without spaces.
    • /FULLNAME:"name" - The user's full name (as opposed to the account name). The name must be enclosed in quotation marks.
    • /HOMEDIR:path - Path to the user's home directory. This path must already exist.
    • /PASSWORDCHG:(YES | NO) - Specifies whether the user can change their password. Default value: YES (password change possible).
    • /PASSWORDREQ:(YES | NO) - Specifies whether the user account must have a password. Default value: YES (password required).
    • /LOGONPASSWORDCHG:(YES|NO) - Specifies whether the user must change their password the next time they log on. Default value: NO (password change is not required).
    • /PROFILEPATH[:path] - Specifies the path to the user's login profile.
    • /SCRIPTPATH:path - Path to the user login script.
    • /TIMES:(time | ALL) - Login hours. The value of the TIMES parameter should be specified in the format day[-day][,day[-day]],time[-time][,time[-time]], with the time increment interval equal to 1 hour. The names of the days of the week can be specified in full or abbreviated. Hours are specified in 12- or 24-hour format. The 12-hour format uses am, pm, a.m. or p.m. The value ALL means no restrictions on the login time, and the empty value means no login at all. Days of the week and times are separated by a comma. Multiple entries for weekday and time values ​​are separated by semicolons.
    • /USERCOMMENT:"text" - Allows an administrator to add or edit a user comment for an account.
    • /WORKSTATIONS:(computer name[,...] | *) - Allows you to specify up to 8 computers from which the user can log on to the network. If the /WORKSTATIONS parameter is not listed or set to *, the user will be able to log on to the network from any computer.
    NET USER Command Examples
    • net user - Displays a list of all users on this computer.
    • net user kyrych - Displays information about the user "kyrych".
    • net user kyrych /add /times:Mon-Fri,08:00-17:00/fullname:"kyrych " - Adds user account kyrych with full name user and the right to connect from 8 am to 5 pm from Monday to Friday.
    • net user kyrych /delete - Deletes the kyrych account.
    • net user kyrych /active:no - Disables an account.
    • Forward
    Add a comment


    New articles:
    • Network discovery does not turn on in Windows 7/8/2008/2012
    • Error: This application failed to start because it could not find or load the Qt platform plugin "windows".
    • Configuring automatic restart of work processes rphost.exe server 1C 8.3
    • How to reduce the size of the transaction log (.ldf) in MS SQL 2008/20012

      MS SQL, like any decent industrial DBMS, along with the database, keeps transaction logs that allow you to roll back the state ...