Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
New-LocalUser
Creates a local user account.
Syntax
Password (Default)
New-LocalUser
[-Name] <String>
-Password <SecureString>
[-AccountExpires <DateTime>]
[-AccountNeverExpires]
[-Description <String>]
[-Disabled]
[-FullName <String>]
[-PasswordNeverExpires]
[-UserMayNotChangePassword]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
NoPassword
New-LocalUser
[-Name] <String>
[-AccountExpires <DateTime>]
[-AccountNeverExpires]
[-Description <String>]
[-Disabled]
[-FullName <String>]
[-NoPassword]
[-UserMayNotChangePassword]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The New-LocalUser cmdlet creates a local user account. This cmdlet creates a local user account.
Note
The Microsoft.PowerShell.LocalAccounts module isn't available in 32-bit PowerShell on a 64-bit system.
Examples
Example 1: Create a user account
New-LocalUser -Name 'User02' -Description 'Description of this account.' -NoPassword
Name Enabled Description
---- ------- -----------
User02 True Description of this account.
This command creates a local user account and doesn't specify the AccountExpires or Password parameters. The account doesn't expire or have a password.
Example 2: Create a user account that has a password
$Password = Read-Host -AsSecureString
$params = @{
Name = 'User03'
Password = $Password
FullName = 'Third User'
Description = 'Description of this account.'
}
New-LocalUser @params
Name Enabled Description
---- ------- -----------
User03 True Description of this account.
The first command uses the Read-Host cmdlet to prompts you for a password. The command stores the
password as a secure string in the $Password variable.
The second command creates a local user account and sets the new account's password to the secure
string stored in $Password. The command specifies a user name, full name, and description for the
user account.
Parameters
-AccountExpires
Specifies when the user account expires. You can use the Get-Date cmdlet to get a DateTime
object. If you don't specify this parameter, the account doesn't expire.
Parameter properties
| Type: | DateTime |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-AccountNeverExpires
Indicates that the account doesn't expire.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
-Description
Specifies a comment for the user account. The maximum length is 48 characters.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Disabled
Indicates that this cmdlet creates the user account as disabled.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-FullName
Specifies the full name for the user account. The full name differs from the user name of the user account.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Name
Specifies the user name for the user account.
A user name can contain up to 20 uppercase characters or lowercase characters. A user name can't contain the following characters:
", /, \, [, ], :, ;, |, =, ,, +, *, ?, <, >, @
A user name can't consist only of periods . or spaces.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-NoPassword
Indicates that the user account doesn't have a password.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Password
Specifies a password for the user account. You can use Read-Host -AsSecureString,
Get-Credential, or ConvertTo-SecureString to create a SecureString object for the password.
If you omit the Password and NoPassword parameters, New-LocalUser prompts you for the new
user's password.
Parameter properties
| Type: | SecureString |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-PasswordNeverExpires
Indicates whether the new user's password expires.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-UserMayNotChangePassword
Indicates that the user can't change the password on the user account.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet isn't run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
String
You can pipe a string to this cmdlet.
DateTime
You can pipe a DateTime object to this cmdlet.
Boolean
You can pipe a boolean value to this cmdlet.
SecureString
You can pipe a secure string to this cmdlet.
Outputs
System.Management.Automation.SecurityAccountsManager.LocalUser
This cmdlet returns a LocalUser object representing the created user account.
Notes
Windows PowerShell includes the following aliases for New-LocalUser:
nlu
A user name can't be identical to any other user name or group name on the computer. A user name
can't consist only of periods . or spaces. A user name can contain up to 20 uppercase characters
or lowercase characters. A user name can't contain the following characters:
", /, \, [, ], :, ;, |, =, ,, +, *, ?, <, >, @
A password can contain up to 127 characters.
The PrincipalSource property is a property on LocalUser, LocalGroup, and LocalPrincipal objects that describes the source of the object. The possible sources are as follows:
LocalActive DirectoryAzureADMicrosoftAccount
Note
PrincipalSource is supported only by Windows 10, Windows Server 2016, and later versions of the Windows operating system. For earlier versions, the property is blank.
Related Links
Feedback
Was this page helpful?