See If You Can Find It

Wednesday, July 1, 2020

Windows System Administration: Local User Manipulation in CLI

Alright, hi everyone! Today I'm gonna bring you some Windows SysAdmin stuff in the CLI. Sure, we may be able to manipulate user accounts via the GUI tools, but it's great to know how to do it both ways! Let's get started.

First and foremost, we need to launch either PowerShell or Command Prompt (make sure you do this as admin). From there we need to get into the WMIC utility, and to do this, all you have to do is type "wmic" at the prompt. WMIC is the Windows Management Instrumentation Command-line utility, and it has some wonderful functionality. Once you're in this context, we need to take a look at all of the local users on the machine. Type "useraccount get name,status,lockout,disabled". There are other properties you can view, but we won't need those for this tutorial. If you'd like to take a look, simply type "useraccount /?".

Here we see all of our local accounts. We're going to focus on "Administrator". We need to change the "Status" and "Disabled" values. Doing this will make the account accessible, and will allow it to use admin privileges if it has any. This can be done in one of two ways: either by sending the command to change the property without targeting any user, or by selecting your targeted user. With the first method, you would type "useraccount set status=ok". This prompts you to decide, for each user on the list, whether you want to modify that property. The second way is to type "useraccount where name='Administrator' set status=ok". That lets you decide ONLY for that user.


Now that we've set the "Status" property, let's change the "Disabled" property.

From there, you'll exit out of the WMIC context and go back to your regular PowerShell terminal. Now, in order to actually access our newly enabled account, we need to set a password that we know; for this we'll use the "net user" command. On its own, "net user" will just list all of the local accounts, just like "useraccount get name" would in WMIC. To change the password, you just specify the user and add an asterisk (*).
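
WMIC is deprecated in current Windows releases, so here is the same procedure with built-in PowerShell cmdlets. This is an added example, not part of the original walkthrough; it assumes an elevated session and that the target is the built-in Administrator account, found by its well-known RID (500) so a renamed account is still matched.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell session.

# 1. Same view as "useraccount get name,status,lockout,disabled" in WMIC.
Get-CimInstance -ClassName Win32_UserAccount -Filter "LocalAccount=True" |
    Select-Object Name, Status, Lockout, Disabled, SID |
    Format-Table -AutoSize

# 2. Select exactly one account. The built-in Administrator always has a SID
#    ending in -500, even if it has been renamed (assumption: that is the target).
$admin = Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' }
if (-not $admin) { throw 'Built-in Administrator account not found.' }

# 3. Set a known password BEFORE enabling, so the account is never usable
#    with an old or blank password. Read-Host hides the input, like "net user <name> *".
$password = Read-Host -Prompt "New password for $($admin.Name)" -AsSecureString
$admin | Set-LocalUser -Password $password

# 4. Enable the account (the PowerShell counterpart of changing "Disabled" in WMIC).
$admin | Enable-LocalUser

# 5. Confirm the result.
Get-LocalUser -SID $admin.SID | Select-Object Name, Enabled, PasswordLastSet

# 6. Check the audit trail. With User Account Management auditing on, the
#    Security log records 4722 (account enabled) and 4724 (password reset attempt).
Get-WinEvent -FilterHashtable @{
    LogName   = 'Security'
    Id        = 4722, 4724
    StartTime = (Get-Date).AddMinutes(-10)
} -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, @{ n = 'Summary'; e = { ($_.Message -split "`n")[0] } }
```

When the account is no longer needed, `Disable-LocalUser` with the same SID turns it back off.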


There we go, all set! Now we can log in and use this account. Want more Windows command line? Comment and let me know what you'd like to see! Thanks for reading!
