The Win32_UserAccount class contains information about a user account on a Win32 system.

Quick Start


Most WMI properties are read-only. You can only read values but not change them. Few properties are also writeable. You can assign new values to those properties.

Writeable properties are marked with this icon:   


Data type UInt32

The AccountType property contains flags describing the characteristics of Win32 user account:

UF_TEMP_DUPLICATE_ACCOUNT – Local user account for users whose primary account is in another domain. This account provides user access to this domain, but not to any domain that trusts this domain.

UF_NORMAL_ACCOUNT – default account type that representing a typical user.

UF_INTERDOMAIN_TRUST_ACCOUNT – account is for a system domain that trusts other domains.

UF_WORKSTATION_TRUST_ACCOUNT – This is a computer account for a Windows NT/Windows 2000 machine that is a member of this domain.

UF_SERVER_TRUST_ACCOUNT – account is for a system backup domain controller that is a member of this domain.


$AccountType = $Servertrustaccount + $Temporaryduplicateaccount


Data type String

The Caption property is a short textual description (one-line string) of the object.


Data type String

The Description property provides a textual description of the object.


Data type Boolean

The Disabled property determines whether the Win32 user account is disabled.

Values: $true or $false. If $true, the user account is disabled.


Data type String

The Domain property indicates the name of the Windows domain to which the user account belongs.

Example: NA-SALES


Data type String

The FullName property indicates the full name of the local user.

Example: Thomas Williams


Data type DateTime

The InstallDate property is datetime value indicating when the object was installed. A lack of a value does not indicate that the object is not installed.


Data type Boolean

The LocalAccount property indicates whether the account is defined on the local machine. To retrieve only accounts defined on the local machine state a query that includes the condition ‘LocalAccount=$true‘.


Data type Boolean

The Lockout property determines whether the user account is locked out of the Win32 system.

Values: $true or $false. If $true, the user account is locked out.


Data type String

The Name property indicates the name of the Win32 user account on the domain specified by the Domain member of this class.

Example: thomasw


Data type Boolean

The PasswordChangeable property determines whether the password on the Win32 user account can be changed.

Values: $true or $false. If $true, the password can be changed.


Data type Boolean

The PasswordExpires property determines whether the password on the Win32 user account will expire.

Values: $true or $false. If $true, the password will expire.


Data type Boolean

The PasswordRequired property determines whether a password is required on the Win32 user account.

Values: $true or $false. If $true, a password is required.


Data type String

The SID property contains the security identifier (SID) for this account. a SID is a string value of variable length used to identify a trustee. Each account has a unique SID issued by an authority (such as a Windows domain), stored in a security database. When a user logs on, the system retrieves the user’s SID from the database and places it in the user’s access token. The system uses the SID in the user’s access token to identify the user in all subsequent interactions with Windows security. When a SID has been used as the unique identifier for a user or group, it cannot be used again to identify another user or group.


Data type UInt8

The SIDType property contains enumerated values that specify the type of security identifier (SID). SIDTypes include:

SidTypeUser – Indicates a user SID.

SidTypeGroup – Indicates a group SID.

SidTypeDomain – Indicates a domain SID.

SidTypeAlias – Indicates an alias SID.

SidTypeWellKnownGroup – Indicates a SID for a well-known group.

SidTypeDeletedAccount – Indicates a SID for a deleted account.

SidTypeInvalid – Indicates an invalid SID.

SidTypeUnknown – Indicates an unknown SID type.

SidTypeComputer – Indicates a SID for a computer.

$SIDType_ReturnValue = 


Data type String

The Status property is a string indicating the current status of the object. Various operational and non-operational statuses can be defined. Operational statuses are “OK”, “Degraded” and “Pred Fail”. “Pred Fail” indicates that an element may be functioning properly but predicting a failure in the near future. An example is a SMART-enabled hard drive. Non-operational statuses can also be specified. These are “Error”, “Starting”, “Stopping” and “Service”. The latter, “Service”, could apply during mirror-resilvering of a disk, reload of a user permissions list, or other administrative work. Not all such work is on-line, yet the managed element is neither “OK” nor in one of the other states.

'OK','Error','Degraded','Unknown','Pred Fail','Starting','Stopping','Service','Stressed','NonRecover','No Contact','Lost Comm'



See Also

Help and Questions

  Community Content

You are cordially invited to add knowledge to this page. If you have sample code or additional information related to this WMI class, please share it. Use the comment form to send your information. We will edit and incorparate it into the reference library. Thank you!

Please do not use the comment form to submit questions. If you have questions or need assistance, visit our free forum: Help me with WMI.

Content last updated: 2013-12-27 12:20:44 (UTC).