New-AzADUser

Syntax

WithPassword (Default)

New-AzADUser
    -DisplayName <String>
    -MailNickname <String>
    -UserPrincipalName <String>
    -Password <SecureString>
    [-AboutMe <String>]
    [-AccountEnabled <Boolean>]
    [-AgeGroup <String>]
    [-Birthday <DateTime>]
    [-City <String>]
    [-CompanyName <String>]
    [-ConsentProvidedForMinor <String>]
    [-Country <String>]
    [-DeletedDateTime <DateTime>]
    [-Department <String>]
    [-DeviceEnrollmentLimit <Int32>]
    [-EmployeeHireDate <DateTime>]
    [-EmployeeId <String>]
    [-EmployeeType <String>]
    [-ExternalUserState <String>]
    [-ExternalUserStateChangeDateTime <DateTime>]
    [-FaxNumber <String>]
    [-GivenName <String>]
    [-HireDate <DateTime>]
    [-Interest <String[]>]
    [-IsResourceAccount]
    [-JobTitle <String>]
    [-Mail <String>]
    [-MobilePhone <String>]
    [-MySite <String>]
    [-OfficeLocation <String>]
    [-ImmutableId <String>]
    [-OtherMail <String[]>]
    [-PasswordPolicy <String>]
    [-PostalCode <String>]
    [-PreferredLanguage <String>]
    [-PreferredName <String>]
    [-Responsibility <String[]>]
    [-School <String[]>]
    [-ShowInAddressList]
    [-Skill <String[]>]
    [-State <String>]
    [-StreetAddress <String>]
    [-Surname <String>]
    [-UsageLocation <String>]
    [-UserType <String>]
    [-ForceChangePasswordNextLogin]
    [-DefaultProfile <PSObject>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

WithPasswordProfile

New-AzADUser
    -DisplayName <String>
    -MailNickname <String>
    -UserPrincipalName <String>
    -PasswordProfile <IMicrosoftGraphPasswordProfile>
    [-AboutMe <String>]
    [-AccountEnabled <Boolean>]
    [-AgeGroup <String>]
    [-Birthday <DateTime>]
    [-City <String>]
    [-CompanyName <String>]
    [-ConsentProvidedForMinor <String>]
    [-Country <String>]
    [-DeletedDateTime <DateTime>]
    [-Department <String>]
    [-DeviceEnrollmentLimit <Int32>]
    [-EmployeeHireDate <DateTime>]
    [-EmployeeId <String>]
    [-EmployeeType <String>]
    [-ExternalUserState <String>]
    [-ExternalUserStateChangeDateTime <DateTime>]
    [-FaxNumber <String>]
    [-GivenName <String>]
    [-HireDate <DateTime>]
    [-Interest <String[]>]
    [-IsResourceAccount]
    [-JobTitle <String>]
    [-Mail <String>]
    [-MobilePhone <String>]
    [-MySite <String>]
    [-OfficeLocation <String>]
    [-ImmutableId <String>]
    [-OtherMail <String[]>]
    [-PasswordPolicy <String>]
    [-PostalCode <String>]
    [-PreferredLanguage <String>]
    [-PreferredName <String>]
    [-Responsibility <String[]>]
    [-School <String[]>]
    [-ShowInAddressList]
    [-Skill <String[]>]
    [-State <String>]
    [-StreetAddress <String>]
    [-Surname <String>]
    [-UsageLocation <String>]
    [-UserType <String>]
    [-DefaultProfile <PSObject>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Description

Examples

Example 1: Create user with password profile

$password = "xxxxxxxxxx"
$pp = New-Object -TypeName "Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Models.ApiV10.IMicrosoftGraphPasswordProfile" -Property @{Password=$password}
New-AzADUser -DisplayName $uname -PasswordProfile $pp -AccountEnabled $true -MailNickname $nickname -UserPrincipalName $upn

Example 2: Create user with password

$password = ConvertTo-SecureString -String "****" -AsPlainText -Force
New-AzADUser -DisplayName $uname -Password $password -AccountEnabled $true -MailNickname $nickname -UserPrincipalName $upn

Parameters

-AboutMe

A freeform text entry field for the user to describe themselves. Returned only on $select.

Parameter properties

Parameter sets

-AccountEnabled

true for enabling the account; otherwise, false.

Parameter properties

Parameter sets

-AgeGroup

Sets the age group of the user. Allowed values: null, minor, notAdult and adult. Refer to the legal age group property definitions for further information. Supports $filter (eq, ne, NOT, and in).

Parameter properties

Parameter sets

-Birthday

The birthday of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z Returned only on $select.

Parameter properties

Parameter sets

-City

The city in which the user is located. Maximum length is 128 characters. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-CompanyName

The company name which the user is associated. This property can be useful for describing the company that an external user comes from. The maximum length of the company name is 64 characters.Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Parameter sets

-ConsentProvidedForMinor

Sets whether consent has been obtained for minors. Allowed values: null, granted, denied and notRequired. Refer to the legal age group property definitions for further information. Supports $filter (eq, ne, NOT, and in).

Parameter properties

Parameter sets

-Country

The country/region in which the user is located; for example, US or UK. Maximum length is 128 characters. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Parameter properties

Parameter sets

-DeletedDateTime

.

Parameter properties

Parameter sets

-Department

The name for the department in which the user works. Maximum length is 64 characters.Supports $filter (eq, ne, NOT , ge, le, and in operators).

Parameter properties

Parameter sets

-DeviceEnrollmentLimit

The limit on the maximum number of devices that the user is permitted to enroll. Allowed values are 5 or 1000.

Parameter properties

Parameter sets

-DisplayName

The name displayed in the address book for the user. This value is usually the combination of the user's first name, middle initial, and last name. This property is required when a user is created and it cannot be cleared during updates. Maximum length is 256 characters. Supports $filter (eq, ne, NOT , ge, le, in, startsWith), $orderBy, and $search.

Parameter properties

Parameter sets

-EmployeeHireDate

The date and time when the user was hired or will start work in case of a future hire. Supports $filter (eq, ne, NOT , ge, le, in).

Parameter properties

Parameter sets

-EmployeeId

The employee identifier assigned to the user by the organization. Supports $filter (eq, ne, NOT , ge, le, in, startsWith).

Parameter properties

Parameter sets

-EmployeeType

Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor. Supports $filter (eq, ne, NOT , ge, le, in, startsWith).

Parameter properties

Parameter sets

-ExternalUserState

For an external user invited to the tenant using the invitation API, this property represents the invited user's invitation status. For invited users, the state can be PendingAcceptance or Accepted, or null for all other users. Supports $filter (eq, ne, NOT , in).

Parameter properties

Parameter sets

-ExternalUserStateChangeDateTime

Shows the timestamp for the latest change to the externalUserState property. Supports $filter (eq, ne, NOT , in).

Parameter properties

Parameter sets

-FaxNumber

The fax number of the user. Supports $filter (eq, ne, NOT , ge, le, in, startsWith).

Parameter properties

Parameter sets

-ForceChangePasswordNextLogin

It must be specified if the user must change the password on the next successful login (true). Default behavior is (false) to not change the password on the next successful login.

Parameter properties

Parameter sets

-GivenName

The given name (first name) of the user. Maximum length is 64 characters. Supports $filter (eq, ne, NOT , ge, le, in, startsWith).

Parameter properties

Parameter sets

-HireDate

The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned only on $select. Note: This property is specific to SharePoint Online. We recommend using the native employeeHireDate property to set and update hire date values using Microsoft Graph APIs.

Parameter properties

Parameter sets

-ImmutableId

This property is used to associate an on-premises Active Directory user account to their Azure AD user object. This property must be specified when creating a new user account in the Graph if you are using a federated domain for the user's userPrincipalName (UPN) property. NOTE: The $ and _ characters cannot be used when specifying this property. Returned only on $select. Supports $filter (eq, ne, NOT, ge, le, in)..

Parameter properties

Parameter sets

-Interest

A list for the user to describe their interests. Returned only on $select.

Parameter properties

Parameter sets

-IsResourceAccount

Do not use - reserved for future use.

Parameter properties

Parameter sets

-JobTitle

The user's job title. Maximum length is 128 characters. Supports $filter (eq, ne, NOT , ge, le, in, startsWith).

Parameter properties

Parameter sets

-Mail

The SMTP address for the user, for example, [email protected]. Changes to this property will also update the user's proxyAddresses collection to include the value as an SMTP address. While this property can contain accent characters, using them can cause access issues with other Microsoft applications for the user. Supports $filter (eq, ne, NOT, ge, le, in, startsWith, endsWith).

Parameter properties

Parameter sets

-MailNickname

The mail alias for the user. This property must be specified when a user is created. Maximum length is 64 characters. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-MobilePhone

The primary cellular telephone number for the user. Read-only for users synced from on-premises directory. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-MySite

The URL for the user's personal site. Returned only on $select.

Parameter properties

Parameter sets

-OfficeLocation

The office location in the user's place of business. Maximum length is 128 characters. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-OtherMail

A list of additional email addresses for the user; for example: ['[email protected]', '[email protected]'].NOTE: While this property can contain accent characters, they can cause access issues to first-party applications for the user.Supports $filter (eq, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-Password

Password for the user. It must meet the tenant's password complexity requirements. It is recommended to set a strong password.

Parameter properties

Parameter sets

-PasswordPolicy

Specifies password policies for the user. This value is an enumeration with one possible value being DisableStrongPassword, which allows weaker passwords than the default policy to be specified. DisablePasswordExpiration can also be specified. The two may be specified together; for example: DisablePasswordExpiration, DisableStrongPassword.Supports $filter (ne, NOT).

Parameter properties

Parameter sets

-PasswordProfile

passwordProfile To construct, see NOTES section for PASSWORDPROFILE properties and create a hash table.

Parameter properties

Parameter sets

-PostalCode

The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code. Maximum length is 40 characters. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-PreferredLanguage

The preferred language for the user. Should follow ISO 639-1 Code; for example en-US. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-PreferredName

The preferred name for the user. Returned only on $select.

Parameter properties

Parameter sets

-Responsibility

A list for the user to enumerate their responsibilities. Returned only on $select.

Parameter properties

Parameter sets

-School

A list for the user to enumerate the schools they have attended. Returned only on $select.

Parameter properties

Parameter sets

-ShowInAddressList

true if the Outlook global address list should contain this user, otherwise false. If not set, this will be treated as true. For users invited through the invitation manager, this property will be set to false. Supports $filter (eq, ne, NOT, in).

Parameter properties

Parameter sets

-Skill

A list for the user to enumerate their skills. Returned only on $select.

Parameter properties

Parameter sets

-State

The state or province in the user's address. Maximum length is 128 characters. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-StreetAddress

The street address of the user's place of business. Maximum length is 1024 characters. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-Surname

The user's surname (family name or last name). Maximum length is 64 characters. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-UsageLocation

A two letter country code (ISO standard 3166). Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. Examples include: US, JP, and GB. Not nullable. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).

Parameter properties

Parameter sets

-UserPrincipalName

The user principal name (UPN) of the user. The UPN is an Internet-style login name for the user based on the Internet standard RFC 822. By convention, this should map to the user's email name. The general format is alias@domain, where domain must be present in the tenant's collection of verified domains. This property is required when a user is created. The verified domains for the tenant can be accessed from the verifiedDomains property of organization.NOTE: While this property can contain accent characters, they can cause access issues to first-party applications for the user. Supports $filter (eq, ne, NOT, ge, le, in, startsWith, endsWith) and $orderBy.

Parameter properties

Parameter sets

-UserType

A string value that can be used to classify user types in your directory, such as Member and Guest. Supports $filter (eq, ne, NOT, in,).

Parameter properties

Parameter sets

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Parameter properties

Parameter sets

CommonParameters

Outputs

IMicrosoftGraphUser