New-LocalUser
Creates a local user account.
Syntax
Password (Default)
New-LocalUser
[-Name] <String>
-Password <SecureString>
[-AccountExpires <DateTime>]
[-AccountNeverExpires]
[-Description <String>]
[-Disabled]
[-FullName <String>]
[-PasswordNeverExpires]
[-UserMayNotChangePassword]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
NoPassword
New-LocalUser
[-Name] <String>
[-AccountExpires <DateTime>]
[-AccountNeverExpires]
[-Description <String>]
[-Disabled]
[-FullName <String>]
[-NoPassword]
[-UserMayNotChangePassword]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The New-LocalUser cmdlet creates a local user account. This cmdlet creates a local user account.
Note
The Microsoft.PowerShell.LocalAccounts module isn't available in 32-bit PowerShell on a 64-bit system.
Examples
Example 1: Create a user account
New-LocalUser -Name 'User02' -Description 'Description of this account.' -NoPassword
Name Enabled Description
---- ------- -----------
User02 True Description of this account.
This command creates a local user account and doesn't specify the AccountExpires or Password parameters. The account doesn't expire or have a password.
Example 2: Create a user account that has a password
$Password = Read-Host -AsSecureString
$params = @{
Name = 'User03'
Password = $Password
FullName = 'Third User'
Description = 'Description of this account.'
}
New-LocalUser @params
Name Enabled Description
---- ------- -----------
User03 True Description of this account.
The first command uses the Read-Host cmdlet to prompts you for a password. The command stores the
password as a secure string in the $Password variable.
The second command creates a local user account and sets the new account's password to the secure
string stored in $Password. The command specifies a user name, full name, and description for the
user account.
Parameters
-AccountExpires
Specifies when the user account expires. You can use the Get-Date cmdlet to get a DateTime
object. If you don't specify this parameter, the account doesn't expire.
Parameter properties
| Type: | DateTime |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-AccountNeverExpires
Indicates that the account doesn't expire.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Description
Specifies a comment for the user account. The maximum length is 48 characters.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Disabled
Indicates that this cmdlet creates the user account as disabled.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-FullName
Specifies the full name for the user account. The full name differs from the user name of the user account.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Name
Specifies the user name for the user account.
A user name can contain up to 20 uppercase characters or lowercase characters. A user name can't contain the following characters:
", /, \, [, ], :, ;, |, =, ,, +, *, ?, <, >, @
A user name can't consist only of periods . or spaces.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 0 |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-NoPassword
Indicates that the user account doesn't have a password.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
NoPassword
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Password
Specifies a password for the user account. You can use Read-Host -AsSecureString,
Get-Credential, or ConvertTo-SecureString to create a SecureString object for the password.
If you omit the Password and NoPassword parameters, New-LocalUser prompts you for the new
user's password.
Parameter properties
| Type: | SecureString |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
Password
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-PasswordNeverExpires
Indicates whether the new user's password expires.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
Password
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-UserMayNotChangePassword
Indicates that the user can't change the password on the user account.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet isn't run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
String
You can pipe a string to this cmdlet.
DateTime
You can pipe a DateTime object to this cmdlet.
Boolean
You can pipe a boolean value to this cmdlet.
SecureString
You can pipe a secure string to this cmdlet.
Outputs
System.Management.Automation.SecurityAccountsManager.LocalUser
This cmdlet returns a LocalUser object representing the created user account.
Notes
Windows PowerShell includes the following aliases for New-LocalUser:
nlu
A user name can't be identical to any other user name or group name on the computer. A user name
can't consist only of periods . or spaces. A user name can contain up to 20 uppercase characters
or lowercase characters. A user name can't contain the following characters:
", /, \, [, ], :, ;, |, =, ,, +, *, ?, <, >, @
A password can contain up to 127 characters.
The PrincipalSource property is a property on LocalUser, LocalGroup, and LocalPrincipal objects that describes the source of the object. The possible sources are as follows:
LocalActive DirectoryAzureADMicrosoftAccount
Note
PrincipalSource is supported only by Windows 10, Windows Server 2016, and later versions of the Windows operating system. For earlier versions, the property is blank.
