Set-MsolUser
Updated: July 30, 2015
Applies To: Azure, Office 365, Windows Intune
Note
- The cmdlets were previously known as the Microsoft Online Services Module for Windows PowerShell cmdlets.
Syntax
Set-MsolUser [-AlternateEmailAddresses <string[]>] [-BlockCredential <Boolean>] [-City <string>] [-Country <string>] [-Department <string>] [-DisplayName <string>] [-Fax <string>] [-FirstName <string>] [-ImmutableId <string>] [-LastName <string>] [-MobilePhone <string>] [-ObjectId <Guid>] [-Office <string>] [-PasswordNeverExpires <Boolean>] [-PhoneNumber <string>] [-PostalCode <string>] [-PreferredLanguage <string>] [-State <string>] [-StreetAddress <string>] [-StrongPasswordRequired <Boolean>] [-TenantId <Guid>] [-Title <string>] [-UsageLocation <string>] [-UserPrincipalName <string>] [<CommonParameters>]
Parameters
-AlternateEmailAddresses <string[]>
Alternate email addresses of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-BlockCredential <Boolean>
When true, the user will not be able to sign in using their user ID.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-City <string>
The city of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-Country <string>
The country or region of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-Department <string>
The department of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-DisplayName <string>
The display name of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-Fax <string>
The fax number of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-FirstName <string>
The first name of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-ImmutableId <string>
The immutable ID of the user's federated identity. This should be
omitted for users with standard identities.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-LastName <string>
The last name of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-MobilePhone <string>
The mobile phone number of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-ObjectId <Guid>
The unique ID of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-Office <string>
The location of the office of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-PasswordNeverExpires <Boolean>
Sets whether or not the user's password will expire periodically.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-PhoneNumber <string>
The phone number of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-PostalCode <string>
The postal code for the user's location.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-PreferredLanguage <string>
The preferred language of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-State <string>
The state or province where the user is located.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-StreetAddress <string>
The street address of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-StrongAuthenticationRequirements <Microsoft.Online.Administration.StrongAuthenticationRequirement>
The multi-factor authentication settings of the user.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-StrongPasswordRequired <Boolean>
Sets whether or not the user requires a strong password.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-TenantId <Guid>
The unique ID of the tenant to perform the operation on. If this is
not provided, then the value will default to the tenant of the current
user. This parameter is only applicable to partner users.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-Title <string>
The title of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-UsageLocation <string>
The location of the user where services are consumed. Must be a
two-letter country code.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-UserPrincipalName <string>
The user ID of the user.
Required? false
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer and OutVariable. For more information, type,
"get-help about_commonparameters".
Examples
The following examples show how the cmdlet can be used.
Example 1
The following command sets block credential to true for a CCole, which blocks that user from being able to sign in. This command cannot be used on a synced user. If the user is synced, then you would disable the account in the on-premises federated Active Directory Domain Service (AD DS) domain.
Set-MsolUser -UserPrincipalName [email protected] -blockcredential $true
Example 2
The following command updates the display name for the specified user.
Set-MsolUser -UserPrincipalName [email protected] -DisplayName "Jmie Warner" -Title "Manager" -Department "Finance"
Example 3
The following command sets the location (country) of this user. The country must be a two-letter ISO code. This can be set for synced users as well as managed users.
Set-MsolUser -UserPrincipalName [email protected] -UsageLocation "CA"
Example 4
The following command sets the multi-factor authentication on this user.
Enable a user:
$st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
$st.RelyingParty = "*"
$st.State = “Enabled”
$sta = @($st)
Set-MsolUser -UserPrincipalName [email protected] -StrongAuthenticationRequirements $sta
Enforce a user:
$st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
$st.RelyingParty = "*"
$st.State = “Enforced”
$sta = @($st)
Set-MsolUser -UserPrincipalName [email protected] -StrongAuthenticationRequirements $sta
Disable a user:
$sta = @()
Set-MsolUser -UserPrincipalName [email protected] -StrongAuthenticationRequirements $sta
Additional Resources
There are several other places you can get more information and help. These include: