CMD User Account Mgmt - Neilitlib/MSP-Simple-Commands GitHub Wiki

Domain User (ACTIVE DIRECTORY)

PS

- Create & Set Static PW

New-ADUser -Name "John Doe" -GivenName John -Surname Doe -SamAccountName jdoe -UserPrincipalName [email protected] -Enabled $true -AccountPassword (ConvertTo-SecureString "AmazeB@11$" -AsPlainText -Force)

Now the user "jdoe" has been created with the password "AmazeB@11$"

They have a display name of John Doe

Their UserPrincipalName may be either [email protected] -or- [email protected] depending on your environment

- Create & Prompt PW Change

New-ADUser -Name "John Doe" -GivenName John -Surname Doe -SamAccountName jdoe -UserPrincipalName [email protected] -Enabled $true -AccountPassword (ConvertTo-SecureString "Welcome1!" -AsPlainText -Force) -ChangePasswordAtLogon $true

User MUST CHANGE PASSWORD from Welcome1! at first login (otherwise same as above)

- Reset PW to Static

Set-ADAccountPassword -Identity "UsersName" -NewPassword (ConvertTo-SecureString -AsPlainText "NewPasswordHere" -Force) -Reset

Replace "UsersName" and "NewPasswordHere" with your desired username and password

- Simple Locked List

Search-ADAccount -LockedOut | Select-Object -Property SamAccountName

If you forget, you can get by with the shorter command Search-ADAccount -LockedOut, but its output is more cumbersome/detailed

- Unlock/Disable

Unlock-ADAccount -Identity UserNameHere

Disable-ADAccount -Identity UserNameHere

Ex: Unlock-ADAccount -Identity ITdomainAdmin || Disable-ADAccount -Identity ITdomainAdmin

Now the IT Domain Admin account is unlocked || now the IT Domain Admin is sad 😒

  • Unlock tickets made easy || Employee terminations made easy

- Delete

Remove-ADUser -Identity jdoe -Confirm:$false

There never was a "jdoe", now if you'll excuse me I have work to do...
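
The "Create & Prompt PW Change" and "Reset PW to Static" steps above both type a literal password into the command. As an added example that is not part of the original wiki, the PowerShell below generates a random one-time password and forces a change at logon instead. New-TempPassword and Reset-UserTempPassword are hypothetical helper names, and the character set is constructed for illustration.

```powershell
# Added example: hypothetical helpers, not part of the wiki. Requires the ActiveDirectory module.
Import-Module ActiveDirectory

function New-TempPassword {
    param([int]$Length = 16)
    # Constructed character set that skips look-alikes (0/O, 1/l/I).
    $chars = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789!@#%*?'.ToCharArray()
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $buf = New-Object byte[] 4
    try {
        do {
            $pw = -join (1..$Length | ForEach-Object {
                $rng.GetBytes($buf)   # cryptographic RNG, not Get-Random
                $chars[[int]([System.BitConverter]::ToUInt32($buf, 0) % $chars.Length)]
            })
            # Retry until upper, lower, digit and symbol are all present,
            # so the default AD complexity rule does not reject the password.
        } while ($pw -cnotmatch '[A-Z]' -or $pw -cnotmatch '[a-z]' -or
                 $pw -notmatch '\d' -or $pw -notmatch '[^A-Za-z0-9]')
    } finally {
        $rng.Dispose()
    }
    return $pw
}

function Reset-UserTempPassword {
    param([Parameter(Mandatory)][string]$Identity)
    $plain  = New-TempPassword
    $secure = ConvertTo-SecureString $plain -AsPlainText -Force
    Set-ADAccountPassword -Identity $Identity -NewPassword $secure -Reset
    Set-ADUser -Identity $Identity -ChangePasswordAtLogon $true   # one-time use
    Unlock-ADAccount -Identity $Identity
    # Shown once to the operator; pass it to the user out of band.
    [pscustomobject]@{ SamAccountName = $Identity; TempPassword = $plain }
}

# Usage with the wiki's sample account:
Reset-UserTempPassword -Identity jdoe
```

Each reset yields a different password, so a shared default like Welcome1! never exists to be guessed or reused across accounts.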


Local User (WORKGROUP)

CLI

- Create/Delete

net user username password /add

net user username /delete

Ex: net user ITperson SuperSecret /add || net user ITperson /delete

Now "ITperson" can have a local login with the password "SuperSecret" || now "ITperson" is sad 😒

- Password Reset/Change/Static

net user username newpassword

Ex: net user ITperson PrevPassGotHacked

Now user "ITperson" can have a login with their new password "PrevPassGotHacked"

wmic useraccount where "Name='username'" set PasswordExpires=false

Ex: wmic useraccount where "Name='ITperson'" set PasswordExpires=false

Now user "ITperson" can have bad security, because their password never expires and never has to change

- Admin Rights (Grant/Revoke)

* USER

net localgroup administrators /add username

net localgroup administrators /delete username

Ex: net localgroup administrators /add ITperson || /delete ITperson

Now user "ITperson" was granted admin rights || had admin rights revoked

* LOCALGROUP

net localgroup administrators "User Group Name" /add

net localgroup administrators "User Group Name" /delete

Ex: net localgroup administrators "domain users" /add || "domain users" /delete

Now all "Domain Users" were granted admin rights || had admin rights revoked

* AZURE EMAIL

net localgroup administrators /add "AzureAD\[email protected]"

net localgroup administrators /delete "AzureAD\[email protected]"

Ex: net localgroup administrators /add "azuread\[email protected]" || /delete "azuread\[email protected]"

Now if the Azure-bound device is accessed by [email protected] they will have admin rights || won't have admin rights