/
  • Last updated
/
  • 6 min read

How to Use WAC to Manage Users and Groups in Windows 10

How to Use WAC to Manage Users and Groups in Windows 10 blog banner image

Windows Admin Center (WAC) is a browser-based tool from Microsoft that manages Windows systems in a single dashboard without the need for complex GUIs or scripts. It lets you manage users and groups in Windows 10 from any browser. With it, everything is centralized and accessible, removing the need for remote desktop logins.

This tool simplifies tasks like creating accounts, resetting passwords, or adjusting permissions without physical access. In this guide, we will help you master this tool for seamless and secure system management.

A step-by-step guide to managing users and groups via WAC

Follow these steps to handle accounts and permissions remotely with ease in Windows 10 using WAC.

Step 1: Launch Windows Admin Center

If you do not have WAC, you can install it on a gateway server for enterprise users. If you are using a personal device, you can install it locally with an administrator user account.

  1. Open your browser (Microsoft Edge or Google Chrome is highly recommended).
  2. Go to https://localhost or your WAC gateway’s domain, like server01.yournetwork.com.
  3. Sign in with an account with administrative access to the target Windows 10 machine.

NOTE: Make sure the target is running on Windows 10 Pro, Enterprise, or Education versions (Home Edition is not supported) and has remote management enabled.

Step 2: Connect to the target system

  1. From the WAC dashboard, select or add the Windows 10 device you want to manage. To add a device in WAC:
    1. Make sure the target device has remote management enabled by inputting this script in PowerShell (admin):

Winrm quickconfig

    1. Allow remote connections by ensuring that Windows Defender Firewall or any third-party firewall allows inbound WinRM traffic.
    2. Click +Add in the WAC dashboard’s All connections view.
    3. Select Windows PC.
    4. Enter the device’s name or Fully Qualified Domain Name (FQDN).
    5. If prompted, provide the credentials and the necessary permissions to manage the device.
    6. Click Add to confirm.
  2. Once connected, the left-hand menu will display tools like Updates, Files, and Local Users and Groups.

Step 3: Open the Local Users and Groups tool

(Note: This is not available in Windows 10 Home Edition.)

  1. Click Local Users and Groups in the left-hand menu.
  2. You’ll see two tabs: Users (for accounts) and Groups (for permissions).

Step 4: Manage users

  • Create a new user:
    1. Under the Users tab, click +Add.
    2. Enter a username, password, and optional description.

NOTE: You can toggle other options like Require password change at next login or Disable account.

  • Edit an existing user:
    1. Select the user you want to edit.
    2. Click Properties, then update group memberships, reset passwords, or enable/disable the account.
  • Delete a user:
    1. Select the user.
    2. Click Delete.

NOTE: It is recommended to avoid removing built-in accounts like Administrator.

Step 5: Manage groups

  • Create a group: Under the Groups tab, click +Add. Name the group and add a description.
  • Modify group memberships: Select a group, click Members, then Add or Remove accounts.
  • Delete a group: Select non-essential groups (we recommend not deleting default groups like Administrators), then click Delete.

Pro tips for advanced user and group management in Windows 10

These strategies will allow you to maximize WAC to its full potential.

Using PowerShell scripts behind the scenes

Every action in WAC runs PowerShell commands automatically. If you want to automate the creation of local users and groups, you can reuse the generated scripts, which are visible in its PowerShell tool, for bulk tasks.

Audit logging

If you need to track who edited local users and groups in Windows 10, you can forward the WAC activity log to an SIEM tool or use Windows Event Viewer (Event ID 4720-4732 for user/group changes).

Integration with RBAC

Deploy WAC in gateway mode to use its role-based access control (RBAC) via Azure AD, then assign permissions or local groups. Example: Let help desk staff reset passwords without granting full admin rights.

Hybrid management

Link WAC to Azure for features like Azure Security Center alerts or Update Management, which is ideal for Windows 10 devices split between home offices and corporate networks.

Frequently Asked Questions (FAQ)

Can WAC manage domain accounts?

No. WAC only handles local users and groups in Windows. For domain accounts, you can use Active Directory Users and Computers, Microsoft Entra ID, or NinjaOne.

Does the target PC need to be on the same network?

Yes, unless you configure WAC with a secure gateway, like Azure Arc, or use a VPN. This ensures remote edits to local users and groups remain secure.

Is WAC preinstalled in Windows 10?

No. You can download it for free on Microsoft’s official site and install it on your admin workstation or server.

Can I restrict WAC access for certain users?

Yes. Use the RBAC feature in WAC’s gateway mode or integrate with Azure AD to limit who can edit users and groups.

Troubleshooting common issues with managing WAC users and groups

If you’re stuck managing users and groups in Windows 10, here’s how you can resolve frequent WAC problems.

Issue: The users and groups in WAC are not loading

  1. Make sure that the target Windows 10 device is online and reachable over the network.
  2. Next, confirm that its remote management setting is enabled (see Step 2).
  3. If you’re using a WAC gateway, make sure that it also has network access to the target device.

Issue: The add and edit buttons are grayed out

Do any of these to resolve this issue:

  • Make sure the account you are accessing on the Windows 10 device has administrative privileges.
  • Restart WAC or refresh the browser since there are times when cached sessions retain limited privileges.

Issue: The changes are not applying

There are a few reasons why this is happening. Here are a couple of the common ones:

  • The firewall is blocking the remote management settings. Make sure that Windows Defender Firewall (or third-party firewall) or your antivirus software is not blocking the 5985 (HTTP) or 5986 (HTTPS) ports and that they are open.
  • Test the device’s network latency, since high delays can disrupt the WAC’s communication. Use the scripts ping or Test-NetConnection in PowerShell.

Effortlessly manage users and groups in Windows 10 via WAC

User access management in Windows is essential, and with WAC, you won’t need clunky tools anymore. Instead, you’ll benefit from a sleek, browser-based dashboard that lets you edit local users and groups remotely.

WAC simplifies tasks like password resets or permission tweaks in minutes. Its lightweight design and Azure integration make it ideal for hybrid setups. It’s time to embrace WAC, your gateway to streamlined, secure Windows 10 management.

Start your Free Trial

You might also like

NinjaOne's Human Centered Approach to AI blog post image

NinjaOne’s Human-Centered Approach to AI

Install or Uninstall Windows Media Player Legacy App in Windows 11 blog banner image

How to Install or Uninstall Windows Media Player Legacy App in Windows 11

How to Turn On or Off Caret Browsing in Microsoft Edge blog banner image

How to Turn On or Off Caret Browsing in Microsoft Edge

How to Switch Between Open Windows in Windows 11 blog banner image

How to Switch Between Open Windows in Windows 11

How to Open Command Prompt at Boot in Windows 11 blog banner image

How to Open Command Prompt at Boot in Windows 11

How to Enable or Disable Graphics Hardware Acceleration in Microsoft Edge blog banner image

How to Enable or Disable Graphics Hardware Acceleration in Microsoft Edge

Back to Blog Home
Ready to simplify the hardest parts of IT?
Start a Free Trial
Get a demo
×

See NinjaOne in action!

By submitting this form, I accept NinjaOne's privacy policy.

NinjaOne Terms & Conditions

By clicking the “I Accept” button below, you indicate your acceptance of the following legal terms as well as our Terms of Use:

  • Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms.
  • Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party.
  • Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library belonging to or under the control of any other software provider.
  • Warranty Disclaimer: The script is provided “as is” and “as available”, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations.
  • Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks.
  • Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script.
  • EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).
I Accept