New-AzureADUser
Creates an AD user.
Syntax
New-AzureADUser
[-ExtensionProperty <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
-AccountEnabled <Boolean>
[-AgeGroup <String>]
[-City <String>]
[-CompanyName <String>]
[-ConsentProvidedForMinor <String>]
[-Country <String>]
[-CreationType <String>]
[-Department <String>]
-DisplayName <String>
[-FacsimileTelephoneNumber <String>]
[-GivenName <String>]
[-IsCompromised <Boolean>]
[-ImmutableId <String>]
[-JobTitle <String>]
[-MailNickName <String>]
[-Mobile <String>]
[-OtherMails <System.Collections.Generic.List`1[System.String]>]
[-PasswordPolicies <String>]
-PasswordProfile <PasswordProfile>
[-PhysicalDeliveryOfficeName <String>]
[-PostalCode <String>]
[-PreferredLanguage <String>]
[-ShowInAddressList <Boolean>]
[-SignInNames <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName]>]
[-State <String>]
[-StreetAddress <String>]
[-Surname <String>]
[-TelephoneNumber <String>]
[-UsageLocation <String>]
[-UserPrincipalName <String>]
[-UserState <String>]
[-UserStateChangedOn <String>]
[-UserType <String>]
[<CommonParameters>]
Description
The New-AzureADUser cmdlet creates a user in Azure Active Directory (AD).
Examples
Example 1: Create a user
-AzureADUser -DisplayName "New User" -PasswordProfile $PasswordProfile -UserPrincipalName "[email protected]" -AccountEnabled $true -MailNickName "Newuser"
ObjectId DisplayName UserPrincipalName UserType
-------- ----------- ----------------- --------
5e8b0f4d-2cd4-4e17-9467-b0f6a5c0c4d0 New user [email protected] Member
This command creates a new user.
Parameters
-AccountEnabled
Indicates whether the user's account is enabled.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AgeGroup
{{ Fill AgeGroup Description }}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-City
Specifies the user's city.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CompanyName
{{ Fill CompanyName Description }}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ConsentProvidedForMinor
{{ Fill ConsentProvidedForMinor Description }}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Country
Specifies the user's country or region.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CreationType
Indicates whether the user account is a local account for an Azure Active Directory B2C tenant. Possible values are "LocalAccount" and null. When creating a local account, the property is required and you must set it to "LocalAccount". When creating a work or school account, do not specify the property or set it to null.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Department
Specifies the user's department.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisplayName
Specifies the user's display name.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ExtensionProperty
@{Text=}
Type: | Dictionary<TKey,TValue>[System.String,System.String] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-FacsimileTelephoneNumber
{{Fill FacsimileTelephoneNumber Description}}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GivenName
Specifies the user's given name.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ImmutableId
This property is used to associate an on-premises Active Directory user account to their Azure AD user object. This property must be specified when creating a new user account in the Graph if you are using a federated domain for the user's userPrincipalName (UPN) property.
Important: The $ and _ characters cannot be used when specifying this property.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IsCompromised
Indicates whether this user is compromised.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-JobTitle
Specifies the user's job title.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MailNickName
Specifies the user's mail nickname.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Mobile
Specifies the user's mobile phone number.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-OtherMails
A list of additional email addresses for the user; for example: "[email protected]", "[email protected]".
Type: | List<T>[String] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PasswordPolicies
Specifies password policies for the user. This value is an enumeration with one possible value being "DisableStrongPassword", which allows weaker passwords than the default policy to be specified. "DisablePasswordExpiration" can also be specified. The two may be specified together; for example: "DisablePasswordExpiration, DisableStrongPassword".
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PasswordProfile
Specifies the user's password profile. Note that the parameter type for this parameter is "PasswordProfile". in order to pass a parameter of this type, you first need to create a vairable in PowerShell with that type:
$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
Then you can proceed to set the value of the password in this variable:
$PasswordProfile.Password = "<Password>"
And finally you can pass this variable to the cmdlet:
New-AzureADUser -PasswordProfile $PasswordProfile ...
Other attributes that can be set in the PasswordProfile are
$PasswordProfile.EnforceChangePasswordPolicy - a boolean indicating that the change password policy is enababled or disabled for this user $PasswordProfile.ForceChangePasswordNextLogin - a boolean indicating that the user must change the password at the next sign in
Type: | PasswordProfile |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PhysicalDeliveryOfficeName
Specifies the user's physical delivery office name.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PostalCode
Specifies the user's postal code.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PreferredLanguage
Specifies the user's preferred language.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ShowInAddressList
If True, show this user in the address list.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SignInNames
Specifies the collection of sign-in names for a local account in an Azure Active Directory B2C tenant. Each sign-in name must be unique across the company/tenant. The property must be specified when you create a local account user; do not specify it when you create a work or school account.
Type: | List<T>[Microsoft.Open.AzureAD.Model.SignInName] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-State
Specifies the user's state.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-StreetAddress
Specifies the user's street address.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Surname
Specifies the user's surname.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-TelephoneNumber
Specifies a telephone number.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UsageLocation
A two letter country or region code (ISO standard 3166). Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries and regions. Examples include: "US", "JP", and "GB".
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UserPrincipalName
The user principal name (UPN) of the user. The UPN is an Internet-style login name for the user based on the Internet standard RFC 822. By convention, this should map to the user's email name. The general format is "alias@domain". For work or school accounts, the domain must be present in the tenant's collection of verified domains. This property is required when a work or school account is created; it is optional for local accounts.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UserState
{{ Fill UserState Description }}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UserStateChangedOn
{{ Fill UserStateChangedOn Description }}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UserType
A string value that can be used to classify user types in your directory, such as "Member" and "Guest".
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |