Set LocalUser - PowerShell


The Set-LocalUser cmdlet modifies the properties of local user accounts on the computer where the command is executed. It allows administrators to manage user accounts, set passwords, enable or disable accounts, and update other user-related settings.


Set-LocalUser [-Name] <string> [-Password] <SecureString> [-FirstName] <string>
[-LastName] <string> [-DisplayName] <string> [-EmailAddress] <string>
[-UserMayChangePassword] <bool> [-PasswordNeverExpires] <bool> [-AccountNeverExpires] <bool>
[-Description] <string> [[-State] <System.LocalUsers.UserState>] [-Enabled] <bool>
[-Confirm] <bool> [-WhatIf] <bool>


| Option/Flag | Description | Default |
| -Name | Specifies the name of the local user account to modify. | |
| -Password | Sets the password for the user account. Must be a SecureString object. | |
| -FirstName | Sets the first name of the user. | |
| -LastName | Sets the last name of the user. | |
| -DisplayName | Sets the display name of the user. | |
| -EmailAddress | Sets the user’s email address. | |
| -UserMayChangePassword | Indicates whether the user is allowed to change their password. | False |
| -PasswordNeverExpires | Indicates whether the user’s password never expires. | False |
| -AccountNeverExpires | Indicates whether the user account never expires. | False |
| -Description | Sets a description for the user account. | |
| -State | Sets the user’s account state. Can be Active, Disabled, or Expired. | Active |
| -Enabled | Enables or disables the user account. | True |
| -Confirm | Prompts for confirmation before executing the command. | False |
| -WhatIf | Shows what the command would do without actually executing it. | False |


Example 1: Changing the password of a user

$user = Get-LocalUser user1
$password = ConvertTo-SecureString "NewStrongPassword" -AsPlainText -Force
Set-LocalUser -Name user1 -Password $password

Example 2: Enabling a disabled user account

Set-LocalUser -Name user2 -Enabled $true

Example 3: Updating multiple user properties

Set-LocalUser -Name user3 -FirstName "John" -LastName "Doe" -DisplayName "John Doe" -UserMayChangePassword $true

Common Issues

  • Cannot set password: Ensure that the -Password parameter is a SecureString object, and that the user account has permission to change their password.
  • Cannot enable/disable account: Check that the user account is not a built-in account, and that the current user has the necessary permissions to modify account status.


The Set-LocalUser cmdlet can be combined with other PowerShell commands to perform complex user management tasks. For example, it can be used with Get-LocalUser to retrieve user accounts and their properties.