Jaa


Delete a User Account

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

Membership in Account Operators , Domain Admins , or Enterprise Admins , or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at https://go.microsoft.com/fwlink/?LinkId=83477.

Deleting a user account

  • Using the Windows interface

  • Using a command line

To delete a user account using the Windows interface

  1. To open Active Directory Users and Computers, click Start , click Control Panel , double-click Administrative Tools , and then double-click Active Directory Users and Computers .

    To open Active Directory Users and Computers in Windows Server® 2012, click Start , type dsa.msc .

  2. In the console tree, click Users .

    Where?

    • Active Directory Users and Computers\ domain node \Users

    Or, click the folder that contains the user account.

  3. In the details pane, right-click the user account, and then click Delete .

Additional considerations

  • To perform this procedure, you must be a member of the Account Operators group, Domain Admins group, or Enterprise Admins group in Active Directory Domain Services (AD DS), or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure.

  • Another way to open Active Directory Users and Computers is to click Start , click Run , and then type dsa.msc .

  • After a user account has been deleted, all permissions and memberships that are associated with that user account are permanently deleted. Because the security identifier (SID) for each account is unique, a new user account with the same name as a previously deleted user account does not automatically assume the permissions and memberships of the previously deleted account. If you want to duplicate a deleted user account, you must recreate all permissions and memberships manually.

  • You can also perform the task in this procedure by using the Active Directory module for Windows PowerShell. To open the Active Directory module, click Start , click Administrative Tools , and then click Active Directory Module for Windows PowerShell .

    To open the Active Directory module for Windows PowerShell in Windows Server 2012, open Server Manager , click Tools and then click Active Directory Module for Windows PowerShell .

    For more information, see Delete a User Account (https://go.microsoft.com/fwlink/?LinkId=138376). For more information about Windows PowerShell, see Windows PowerShell (https://go.microsoft.com/fwlink/?LinkID=102372).

Additional references

To delete a user account using a command line

  1. To open a command prompt, click Start , click Run , type cmd , and then click OK .

    To open a command prompt in Windows Server 2012, click Start , type cmd , and then click OK .

  2. Type the following command, and then press ENTER:

    dsrm <ObjectDN>
    
Parameter Description

<ObjectDN>

Specifies the distinguished name of the user object to be deleted.

To view the complete syntax for this command, and for information about entering user account information, at a command prompt, type the following command, and then press ENTER:

dsrm /? 

Additional considerations

  • To perform this procedure, you must be a member of the Account Operators group, Domain Admins group, or Enterprise Admins group in AD DS, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure.

  • After a user account has been deleted, all permissions and memberships that are associated with that user account are permanently deleted. Because the SID for each account is unique, a new user account with the same name as a previously deleted user account does not automatically assume the permissions and memberships of the previously deleted account. If you want to duplicate a deleted user account, you must recreate all permissions and memberships manually.

  • You can also perform the task in this procedure by using the Active Directory module for Windows PowerShell. To open the Active Directory module, click Start , click Administrative Tools , and then click Active Directory Module for Windows PowerShell .

    To open the Active Directory module for Windows PowerShell in Windows Server 2012, open Server Manager , click Tools and then click Active Directory Module for Windows PowerShell .

    For more information, see Delete a User Account (https://go.microsoft.com/fwlink/?LinkId=138376). For more information about Windows PowerShell, see Windows PowerShell (https://go.microsoft.com/fwlink/?LinkID=102372).

Additional references