Managing user accounts with Drush on multisite

One of the main things I seem to use Drush for is managing user accounts. This is particularly because I work with some large multisite instances where user accounts need to be added/removed/amended across all sites in bulk.

This is a quick reference to some of the common tasks, as well as some Drush SQL queries which I use to get around a couple of things you can't do purely with Drush syntax. For a full list of the Drush user commands check out

Using Drush in a multisite setup

If you're not familiar with running Drush across multisite instances, this where @sites comes in handy. For example drush @sites cc - when run it in the root of your multisite instance - will clear the cache of all sites within the multisite setup

To run your Drush command for one site in a multisite install, you will need to omit @sites, and run the command from within that individual sites folder. This is the folder which contains that sites settings.php file, eg. /sites/mySite/.

Adding a new user account to all sites

drush @sites user-create Bob --mail='' --password='xxxxx'

Remove a user account on all sites

drush @sites user-cancel Bob

Block/disable a user account on all sites

drush @sites user-block Bob

Using SQL query and users email address:

drush @sites sqlq "UPDATE users SET status = '0' WHERE lower(mail) = ''"

Add a new role to all sites

drush @sites role-create 'testrole'

Assign a user a role on all sites

drush @sites user-add-role 'testrole' --name=Bob

Add permissions to a role across on all sites

Firstly I manually set up the permissions on one site via the site interface. Once I've done that I get a list of all those permissions that have been added to that one site using Drush.

drush role-list 'testrole'

Once you have the list of permissions it's easy to generate Drush scripts for adding them across all sites.

Drush 6.x
Unfortunately it seems you have to add each one individually with Drush 6 - this is a pain as it clears the site cache after each addition.

drush @sites role-add-perm 'testrole' 'some permission1'
drush @sites role-add-perm 'testrole' 'some permission2'

Drush 7.x
With Drush 7 you can add a string of permissions.

drush @sites role-add-perm 'testrole' 'some permission1'
drush @sites role-add-perm 'testrole' "'some permission1','some permission2'"

Reset user password across all sites

drush @sites upwd Bob --password='xxxxxxxxx'

Use SQL query to update user details

In the below example I'm resetting the name and email for the sites 'super-admin', ie. user 1.

drush @sites sqlq "update users set name='Bob', mail='' where uid = 1;"

SQL to find user by Email address & change their Username

When you want to change a users password with Drush you do it by querying against their username. If a user needs their password changed on a multisite instance, and has used inconsistent usernames but similar email address you can't easily run the password reset. You can use the below to make all the usernames the same, and after that you can easily run the Drush command to change their password across all sites. BTW the 'lower(mail)' bit just makes sure that the email address match isn't case sensitive.

drush @sites sqlq "UPDATE users SET name = 'billy.bob' WHERE lower(mail) = ''"
Justin Chevallier

Justin Chevallier

Avid Drupal site builder & user for +10 years.

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.