Create Microsoft 365 user accounts with PowerShell

This article applies to both Microsoft 365 Enterprise and Office 365 Enterprise.

You can use Microsoft Graph PowerShell to efficiently create user accounts, including multiple accounts.

When you create user accounts in PowerShell, certain account properties are always required. Other properties aren't required but are important. See the following table.

Property name Required? Description
DisplayName
Yes
This is the display name that's used in Microsoft 365 services. For example, Caleb Sills.
UserPrincipalName
Yes
This is the account name that's used to sign in to Microsoft 365 services. For example, [email protected].
FirstName
No
LastName
No
LicenseAssignment
No
This is the licensing plan (also known as the license plan or SKU) from which an available license is assigned to the user account. The license defines the Microsoft 365 services that are available to the account. You don't have to assign a license to a user when you create the account, but the account must have a license to access Microsoft 365 services. You have 30 days to license the user account after you create it.
Password
No
If you don't specify a password, a random password is assigned to the user account, and the password is visible in the results of the command. If you specify a password, it needs to be 8 to 16 ASCII text characters of the following types: lowercase letters, uppercase letters, numbers, and symbols.
UsageLocation
No
This is a valid ISO 3166-1 alpha-2 country code. For example, US for the United States, and FR for France. It's important to provide this value, because some Microsoft 365 services aren't available in certain countries/regions. You can't assign a license to a user account unless the account has this value configured. For more information, see About license restrictions.

Note

Also see Learn how to create user accounts by using the Microsoft 365 admin center.

For a list of additional resources, see Manage users and groups.

Create Microsoft 365 user accounts with Microsoft Graph PowerShell

Note

The Azure Active Directory module is being replaced by the Microsoft Graph PowerShell SDK. You can use the Microsoft Graph PowerShell SDK to access all Microsoft Graph APIs. For more information, see Get started with the Microsoft Graph PowerShell SDK.

First, use a Microsoft Entra DC admin or Cloud Application Admin account to connect to your Microsoft 365 tenant. The cmdlets in this article require the permission scope User.ReadWrite.All or one of the other permissions listed in the 'List subscribedSkus' Graph API reference page. Some commands in this article may require different permission scopes, in which case this will be noted in the relevant section.

Connect-MgGraph -Scopes "User.ReadWrite.All"

Create an individual user account

To create an individual account, use the following syntax:

$PasswordProfile = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphPasswordProfile
$PasswordProfile.Password = "<user account password>"
New-MgUser -DisplayName "<display name>" -GivenName "<first name>" -Surname "<last name>" -UserPrincipalName <sign-in name> -UsageLocation <ISO 3166-1 alpha-2 country code> -MailNickname <mailbox name> -PasswordProfile $PasswordProfile -AccountEnabled $true

This example creates an account for the US user John Doe.

$PasswordProfile = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphPasswordProfile
$PasswordProfile.Password = "3Rv0y1q39/chsy"
New-MgUser -DisplayName "John Doe" -GivenName "John" -Surname "Doe" -UserPrincipalName [email protected] -UsageLocation "US" -MailNickname "johnd" -PasswordProfile $PasswordProfile -AccountEnabled $true

Create multiple user accounts

  1. Create a comma-separated value (CSV) file that contains the required user account information. For example:

    UserPrincipalName,FirstName,LastName,DisplayName,UsageLocation,MailNickname
    [email protected],Claude,Loiselle,Claude Loiselle,US,claudel
    [email protected],Lynne,Baxter,Lynne Baxter,US,lynneb
    [email protected],Shawn,Melendez,Shawn Melendez,US,shawnm
    

    Note

    The column names and their order in the first row of the CSV file are arbitrary. But make sure the order of the data in the rest of the file matches the order of the column names. And use the column names for the parameter values in the PowerShell for Microsoft 365 command.

  2. This example creates user accounts from the file C:\temp\NewAccounts.csv and logs the results in a file named C:\temp\NewAccountResults.csv.

    # Import the CSV file
    $users = Import-Csv -Path "C:\temp\NewAccounts.csv"
    
    # Create a password profile
    $PasswordProfile = @{
        Password = 'Password123'
        }
    
    # Loop through each user in the CSV file
    foreach ($user in $users) {
        # Create a new user
        $newUser = New-MgUser -DisplayName $user.DisplayName -GivenName $user.FirstName -Surname $user.LastName -UserPrincipalName $user.UserPrincipalName -UsageLocation $user.UsageLocation -MailNickname $user.MailNickname -PasswordProfile $passwordProfile -AccountEnabled
    
        # Assign a license to the new user
        $e5Sku = Get-MgSubscribedSku -All | Where SkuPartNumber -eq 'SPE_E5'
        Set-MgUserLicense -UserId $newUser.Id -AddLicenses @{SkuId = $e5Sku.SkuId} -RemoveLicenses @()
    }
    
    # Export the results to a CSV file
    $users | Export-Csv -Path "C:\temp\NewAccountResults.csv" -NoTypeInformation
    
  3. Review the output file to see the results.

See also

Manage Microsoft 365 user accounts, licenses, and groups with PowerShell

Manage Microsoft 365 with PowerShell

Getting started with PowerShell for Microsoft 365