Remote editing user accounts

AD domain Windows 2003 R2
Clients : Domain-connected Clients Windows XP fully pathed

Is it possible to remotely edit the user-accounts on the Clients. NOT the local user-accounts, but User-accounts created on the Clients at:
Start -> Control Panel -> User Accounts , where it is possible to define AD-domain Accounts ?
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

rogerardConnect With a Mentor Commented:
Ok.  This one took me a bit to track down, but I think I may have finally prevailed!  :)  So here's the pickle....  The user that you're seeing when you are looking at the basic User Accounts window on a Vista or Windows 7 box does not display the same information that is in the advanced Users and Computers manager.  The so-called local Domain IDs aren't actually ID's created on the remote box,  but instead are Domain IDs that have been added to the local groups.  When you manage the remote computer and go look at the local groups, you will see listed there the users you're looking for.

If you would like to do this through a command prompt, using the pstools and psexec, if you run the command, net localgroup <group name>, you 'll get the users of the group name.  You can then pipe the results into a text file.  Good luck!
Download and install the windows server 2003 support tools.  There is a tool included, active directory users and computers, that will allow you to edit everything for Active Directory.  To only modify the local users and groups on a remote computer, use the computer management interface and connect to the desired computer.
olefiskAuthor Commented:
Hi rogerard

Thanks for the prompt answer.
Surely I'm using Active Directory users and computers.
But managing local users and groups via the Management Console does only show users created as local client-accounts, not accounts created on the CLient as a Domain-Account.
The Issue is: When a specific domain-user logs on a specific domain-attached Workstation, the User shall have specific rights, t.ex Super User or Remote Desktop User.
Please see attached file which shows the User-Accounts on Workstation, where "V1a-988" is Workstation Name, "Titan" is AD-domain, and "des" is Domain-user
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.


Rt Click Computer Management (Local), and connect to another computer.

Enter the workstation name, and you know have the Remote "Local Users and Groups".... Should be good for most tasks....

From command line....

"C:\WINDOWS\system32\mmc.exe" /s /computer="COMPUTERNAME" C:\WINDOWS\system32\lusrmgr.msc
Or via PSExec...


Then you can access all your net.exe commands as if you were sitting in front of the box.......

olefiskAuthor Commented:
Hi johnb6767

Thanks for Your Prompt Answers, but Your suggestions only shows the local users ......., not the locally created AD-Domain-users.
Thanks for the Advice concerning PStools, PSExec works fine, but I can't figure out the command showing all the User-Accounts which is shown under Control Panel -> User Accounts.
From the command prompt type net users to get a list of accounts.
olefiskAuthor Commented:
Hi again rogerard

Sorry but it still only shows the Local users, the ones which not logon to the AD-domain
johnb6767Connect With a Mentor Commented:
Thats why I wasnt understanding. An AD User is not a local user but you will see an AD user in a Local Group. Any of the methods will do this above.....

"Sorry but it still only shows the Local users, the ones which not logon to the AD-domain"

Unless the Deny Logon Locall Right is populated with certain Domain Users/Groups, then ANY Domain User can logon to the PC. The reason you add them to the Local Groups is because you map thier AD account to local groups for permissions on the local box.....

olefiskAuthor Commented:
Hi rogerard and jonhb6767

Sorry for the delayed reply.
Thanks for Your efforts.

Seems to work fine with the net localgroup <group name>, but is heavy stuff to use on 100 workstations.....
Have tested  the possibility to add and delete users in the local groups, and it works !!
Somebody must have made a GUI-application/interface to handle this, I guess I'm not the only one, who puts domain-users into the local groups.
olefiskAuthor Commented:
have found an amazing tool, that handles the local usergroups:
Hyena from
Works like a charm !!!!!!!
All Courses

From novice to tech pro — start learning today.