none
CMD line to delete domain group from a local machine RRS feed

  • Question

  • I want to delete a domain secuirty group from my local machine. The security group name is XYZ\Desktop Administrator where XYZ is a domain.

    I tried to delete it using the command line:

    1. net localgroup Administrators XYZ\Desktop Administrator /Delete

    it throws following error:

    There is no such global user or group: XYZ\Desktop.

    There is no such global user or group: Administrator.

    2. I changed the command line and tried following:

    net localgroup "Administrators" "XYZ\Desktop Administrator"/Delete  or net localgroup "Administrators" "Desktop Administrator

    The syntax of this command is:

    NET LOCALGROUP
    [groupname [/COMMENT:"text"]] [/DOMAIN]
                  groupname {/ADD [/COMMENT:"text"] | /DELETE}  [/DOMAIN]
                  groupname name [...] {/ADD | /DELETE} [/DOMAIN]

    Can anyone help how to delete a domain security group name where there is SPACE between first name and last namelike above case. If I use double quote, CMD env throws SYNTAX error and if I dont use double quote, CMD accepts Desktop and Administrator as two different account. Please help.

    Friday, December 13, 2013 2:13 PM

Answers

  • Also, you must put the parameters of the net use command in the correct order.


    C:\>net help localgroup
    The syntax of this command is:
    
    NET LOCALGROUP
    [groupname [/COMMENT:"text"]] [/DOMAIN]
                  groupname {/ADD [/COMMENT:"text"] | /DELETE}  [/DOMAIN]
                  groupname name [...] {/ADD | /DELETE} [/DOMAIN]
    ...
    

    This help information tells you that you put the group name first after the words net localgroup. As Forest brook pointed out, if the group name contains spaces, you must enclose it in quotes.

    After the group name, put the name of the user or group you want to add to (or remove from) the local group. If the user or group name contains spaces, as noted, you must enclose it in quotes. After this group name, put the parameter /ADD to add to the local group, or put /DELETE to remove.

    For example, suppose you want to add the domain group FABRIKAM\Account Operators to the local Administrators group. This is the command you would enter:


    C:\> net localgroup Administrators "FABRIKAM\Account Operators" /add

    This command adds FABRIKAM\Account Operators to the local Administrators group.

    In your specific case, it looks like the command would be:


    C:\> net localgroup Administrators "XYZ\Desktop Administrator" /delete

    Bill
    Tuesday, December 17, 2013 2:13 AM
    Moderator

All replies

  • net localgroup Administrators /Delete "XYZ\Desktop Administrator"


    ¯\_(ツ)_/¯

    • Proposed as answer by jrv Tuesday, December 17, 2013 2:20 AM
    Friday, December 13, 2013 2:22 PM
  • IIRC, I think the /delete parameter comes after the group you want to remove, like this:


    net localgroup Administrators "DOMAIN\Name to Remove" /delete

    Bill

    • Proposed as answer by jrv Friday, December 13, 2013 9:05 PM
    Friday, December 13, 2013 8:19 PM
    Moderator
  • Bill - that is where he started.  The delete needs to be before the name you want to remove but after the group name.

    Look at the help for net.

    NET LOCALGROUP
                  groupname  /DELETE}
                  groupname name [...]

    It is a bit squirrelly because of the way it is laid out.  The help is trying to resolve too many options.  He wants to delete the item in  the local admin group. 


    ¯\_(ツ)_/¯


    • Edited by jrv Friday, December 13, 2013 9:06 PM
    Friday, December 13, 2013 9:04 PM
  • Try this to see how it works:

    net localgroup /add testgrp
    net localgroup testgrp  /add administrators
    net localgroup testgrp  /delete administrators
    net localgroup /delete testgrp


    ¯\_(ツ)_/¯

    Friday, December 13, 2013 9:08 PM
  • Thnx for reply. But that didn't worked.I already tried it many time before writing this post. Is there any problem as there is GAP between two words "Desktop Administrators" ? Because I use without gap, system is accepting it as two diff account i.e. Desktop and another Administrators and if I use them in double quote, it throws error of system don't find specified account.

    I tried all different commands..those mentioned by you too....

    Any Idea?

    Monday, December 16, 2013 11:11 AM
  • Thnx for reply. But that didn't work.I already tried it many time before writing this post. Is there any problem as there is GAP between two words "Desktop Administrators" ? 
    When you work at the Command Prompt then you must surround all strings that have embedded spaces with double quotes. Bill gave you an example in his reply, as did JRV. This goes for account names, group names, file names, folder names. Examples:

    dir  "c:\Program Files"
    net user "Kiran Kr Tamang"
    net localgroup "Desktop Administrators"



    Monday, December 16, 2013 11:43 AM
  • Also, you must put the parameters of the net use command in the correct order.


    C:\>net help localgroup
    The syntax of this command is:
    
    NET LOCALGROUP
    [groupname [/COMMENT:"text"]] [/DOMAIN]
                  groupname {/ADD [/COMMENT:"text"] | /DELETE}  [/DOMAIN]
                  groupname name [...] {/ADD | /DELETE} [/DOMAIN]
    ...
    

    This help information tells you that you put the group name first after the words net localgroup. As Forest brook pointed out, if the group name contains spaces, you must enclose it in quotes.

    After the group name, put the name of the user or group you want to add to (or remove from) the local group. If the user or group name contains spaces, as noted, you must enclose it in quotes. After this group name, put the parameter /ADD to add to the local group, or put /DELETE to remove.

    For example, suppose you want to add the domain group FABRIKAM\Account Operators to the local Administrators group. This is the command you would enter:


    C:\> net localgroup Administrators "FABRIKAM\Account Operators" /add

    This command adds FABRIKAM\Account Operators to the local Administrators group.

    In your specific case, it looks like the command would be:


    C:\> net localgroup Administrators "XYZ\Desktop Administrator" /delete

    Bill
    Tuesday, December 17, 2013 2:13 AM
    Moderator
  • net localgroup Administrators /Delete "XYZ\Desktop Administrator"


    ¯\_(ツ)_/¯

    I posted this three different times.  It is the method that works and has been since the first answer in the thread.

    Wanna go another round?


    ¯\_(ツ)_/¯

    Tuesday, December 17, 2013 2:20 AM
  • That works too, although it runs afoul of the documented syntax. The documented way (from the help description) is to put the /add or /delete after the member to be added or deleted.

    Bill

    Tuesday, December 17, 2013 2:32 AM
    Moderator
  • That works too, although it runs afoul of the documented syntax. The documented way (from the help description) is to put the /add or /delete after the member to be added or deleted.

    Bill

    It all depends on exactly how you read it.  I noted earlier that the documentation is a bit ambiguous.

    The  line also reads correctly

    net localgroup <name> /delete <name>

    It works either way.


    ¯\_(ツ)_/¯

    Tuesday, December 17, 2013 2:50 AM
  • Thnx for your reply. I checked and found that above commands work for any account name with space in between two words which are builtin account(by default )created in AD. If we create manually any account name with space in between two words, such command line wont work.

    Thanks for your time. 

    Thursday, December 19, 2013 5:01 AM
  • Thnx for your reply. I checked and found that above commands work for any account name with space in between two words which are builtin account(by default )created in AD. If we create manually any account name with space in between two words, such command line wont work.

    Thanks for your time. 

    Thursday, December 19, 2013 5:01 AM
  • If we create manually any account name with space in between two words, such command line wont work.

    This command works well:

    net  user  "Kirang Tamang"  /add  /domain

    Thursday, December 19, 2013 7:51 AM
  • When you say that something didn't work, you have to say how it didn't work.

    Please post the exact command you are running that "won't work," and the exact error message. Copy and paste both the command and the error message. Remember, we can't see your screen.

    Bill

    Friday, December 20, 2013 3:26 PM
    Moderator