In Windows computer we can add users to a group from command line. We can use net localgroup command for this.
net localgroup group_name UserLoginName /add
For example to add a user to administrators group from command line we can run the below command. In the below example I have taken username as John.
net localgroup administrators John /add
Few more examples:
To add a domain user to local users group from command line:
net localgroup users domainname\username /add
This command should be run when the computer is connected to the network. Otherwise you will get the below error.
H:\>net localgroup users domain\user /add System error 1789 has occurred. The trust relationship between this workstation and the primary domain failed.
To add a domain user to local administrator group from command line:
net localgroup administrators domainname\username /add
To add a user to remote desktop users group:
net localgroup "Remote Desktop Users" UserLoginName /add
To add a user to debugger users group:
net localgroup "Debugger users" UserLoginName /add
To add a user to Power users group:
net localgroup "Power users" UserLoginName /add
This command works on all editions of Windows OS i.e Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows 7. In Vista and Windows 7, even if you run the above command from administrator login you may still get access denied error like below.
C:\> net localgroup administrators techblogger /add System error 5 has occurred. Access is denied.
The solution for this is to run the command from elevated administrator account. See How to open elevated administrator command prompt
When you run the ‘net localgroup’ command from elevated command prompt:
C:\>net localgroup administrators techblogger /add The command completed successfully.
To list the users belonging to a particular group we can run the below command.
net localgroup group_name
For example to list all the users belonging to administrators group we need to run the below command.
net localgroup administrators
Related posts:
{ 8 comments… read them below or add one }
How to add a group to another group from command line?
you can use the same command to add a group also. For example, to add a domain group ‘Domain\users’ to local administrators group, the command is:
How can I add a user to a group remotely?
While this article is two years old – it still was the first hit when I searched and it got me where I needed to be. Another great tip is the syntax for doing a runas, because I needed to elevate a user's privileges to admin from within his account:
runas /user:Administrator@DOMAIN "net localgroup Administrators DOMAIN\username /add"
Good stuff.
How to set password to never expire ?
You can run the below command from command prompt.
wmic useraccount where name=’loginid’ set passwordexpires=false.
Note that in Vista and Windows 7, you need to run this command from elevated administrator command prompt.
Is there any way to add a computer account into the local admin group on another machine via command line? Thanks.
I don’t think that’s possible. However, you can add a domain account to the local admin group of a computer.