User and Group Enumeration

The net command uses NetAPIs to list user information on local host or in Active Directory. The command is not to be confused with the net.exe executable which is a process instead of a windows api. This command accepts multiple parameters. Make note of the difference between the argument ‘users’ and ‘user’. If you use ‘users’ argument, it will enumerate all the users, however if you use the ‘user’ argument, then you need to provide a third argument with an optional fourth argument to specify which user to enumerate and on which host/domain.

The net command can also enumerate groups locally or remotely similar to the user enumeration.