The NET command is used to manage user accounts and groups.
Syntax
NET ACCOUNTS [/FORCELOGOFF:{minutes | NO} ] [/MINPWLENGTH:length]
[/MAXPWAGE:{days | UNLIMITED}] [/MINPWAGE:days] [/UNIQUEPW:number] [/DOMAIN]
NET USER [username [password | *] [options]] [/DOMAIN]
NET USER username {password | *} /ADD [options] [/DOMAIN]
NET USER username [/DELETE] [/DOMAIN]
NET USER username [/TIMES:{times | ALL]
NET USER username [/ACTIVE: {YES | NO}]
NET GROUP [groupname [/COMMENT:"text"]] [/DOMAIN]
NET LOCALGROUP [groupname [/COMMENT:"text"]] [/DOMAIN]
NET GROUP groupname {/ADD [/COMMENT:"text"] | /DELETE} [/DOMAIN]
NET LOCALGROUP groupname {/ADD [/COMMENT:"text"] | /DELETE} [/DOMAIN]
NET GROUP groupname username [...] {/ADD | /DELETE} [/DOMAIN]
NET LOCALGROUP groupname username [...] {/ADD | /DELETE} [/DOMAIN]
View the current password & logon restrictions for the computer (plus machine
role: Server/ Workstation).
NET ACCOUNTS
View the current password & logon restrictions for the domain.
NET ACCOUNTS /DOMAIN
Set the number of minutes a user has before being forced to log off when the
account expires or valid logon hours expire
NET ACCOUNTS /FORCELOGOFF:minutes /DOMAIN
Prevent forced logoff when user accounts expire
NET ACCOUNTS /FORCELOGOFF:NO /DOMAIN
Set the minimum number of characters for a password.
NET ACCOUNTS /MINPWLEN:C /DOMAIN
The range is 0-14 characters; the default is 6 characters.
Set the maximum number of days that a password is valid.
NET ACCOUNTS /MAXPWAGE:dd /DOMAIN
The range is 1-49710; the default is 90 days.
Set passwords to never expire.
NET ACCOUNTS /MAXPWAGE:UNLIMITED /DOMAIN
Set a minimum number of days that must pass before a user can change a password
(default = 0)
NET ACCOUNTS /MINPWAGE:dd /DOMAIN
Require that new passwords be different from 'x' number of previous passwords
NET ACCOUNTS /UNIQUEPW:x /DOMAIN
The range for 'x' is 1-24
Synchoronise the user accounts database (PDC and BDC)
NET ACCOUNTS /SYNC /DOMAIN
View user account details
NET USER [/DOMAIN]
Add a user account.
NET USER username {password | *} /ADD [options]
[/DOMAIN]
Modify a user account.
NET USER [username [password | *] [options]]
[/DOMAIN]
Delete a username
NET USER username [/DELETE] [/DOMAIN]
Generate a random password:
NET USER administrator /random
Add a group
NET GROUP groupname /ADD [/COMMENT:"text"] [/DOMAIN]
NET LOCALGROUP groupname /ADD [/COMMENT:"text"] [/DOMAIN]
Edit a group
NET GROUP [groupname [/COMMENT:"text"]] [/DOMAIN]
NET LOCALGROUP [groupname [/COMMENT:"text"]] [/DOMAIN]
Delete a group
NET GROUP groupname /DELETE [/DOMAIN]
NET LOCALGROUP groupname /DELETE [/DOMAIN]
Add a user to a group
NET GROUP groupname username [...] /ADD [/DOMAIN]
NET LOCALGROUP groupname username [...] /ADD [/DOMAIN]
Delete a user from a group
NET GROUP groupname username [...] /DELETE [/DOMAIN]
NET LOCALGROUP groupname username [...] /DELETE [/DOMAIN]
LOCALGROUP will create/modify a group that is local to the computer rather than an Active Directory domain-wide group.
Examples
Create a group
C:\> NET LOCALGROUP spud /add
Add to guests
C:\> NET LOCALGROUP guests spud /add
Then remove
C:\> NET LOCALGROUP guests spud /delete
C:\> NET LOCALGROUP spud /delete
Related:
Q324639 - NET.EXE /ADD does not support names longer than 20 characters.
NET - Manage network resources.
NTRIGHTS - Edit user account rights (Logon Locally etc).
DSADD - Add user (computer, contact, group..) to active directory.
DSMOD - Modify user (computer, contact, group..) in active directory.
PRNMNGR - Add, delete, list printers and printer connections.
TSPROF - Copy Terminal Server User Profile.
WMIC GROUP - WMI access to Group membership.
WMIC USERACCOUNT - WMI access to User info.
Q149427 - Change Password from the CMD prompt.
Equivalent bash command (Linux): useradd - Add user account.