Edit

Share via

New-AzureADUser

Module:
AzureAD Module

Creates an Azure AD user.

Syntax

Default (Default) 

New-AzureADUser
    [-ExtensionProperty <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
    -AccountEnabled <Boolean>
    [-AgeGroup <String>]
    [-City <String>]
    [-CompanyName <String>]
    [-ConsentProvidedForMinor <String>]
    [-Country <String>]
    [-CreationType <String>]
    [-Department <String>]
    -DisplayName <String>
    [-FacsimileTelephoneNumber <String>]
    [-GivenName <String>]
    [-IsCompromised <Boolean>]
    [-ImmutableId <String>]
    [-JobTitle <String>]
    [-MailNickName <String>]
    [-Mobile <String>]
    [-OtherMails <System.Collections.Generic.List`1[System.String]>]
    [-PasswordPolicies <String>]
    -PasswordProfile <PasswordProfile>
    [-PhysicalDeliveryOfficeName <String>]
    [-PostalCode <String>]
    [-PreferredLanguage <String>]
    [-ShowInAddressList <Boolean>]
    [-SignInNames <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName]>]
    [-State <String>]
    [-StreetAddress <String>]
    [-Surname <String>]
    [-TelephoneNumber <String>]
    [-UsageLocation <String>]
    [-UserPrincipalName <String>]
    [-UserState <String>]
    [-UserStateChangedOn <String>]
    [-UserType <String>]
    [<CommonParameters>]

Description

The New-AzureADUser cmdlet creates a user in Azure Active Directory (Azure AD).

Examples

Example 1: Create a user

$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
$PasswordProfile.Password = "<Password>"
New-AzureADUser -DisplayName "New User" -PasswordProfile $PasswordProfile -UserPrincipalName "NewUser@contoso.com" -AccountEnabled $true -MailNickName "Newuser"

ObjectId                             DisplayName UserPrincipalName               UserType
--------                             ----------- -----------------               --------
5e8b0f4d-2cd4-4e17-9467-b0f6a5c0c4d0 New user    NewUser@contoso.com             Member

This command creates a new user.

Parameters

-AccountEnabled

Indicates whether the user's account is enabled.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-AgeGroup

This specifies the user's age group.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-City

Specifies the user's city.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CompanyName

This specifies the user's company name.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ConsentProvidedForMinor

The New-AzureADUser cmdlet creates a user in Azure Active Directory (Azure AD).

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Country

Specifies the user's country or region.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CreationType

Indicates whether the user account is a local account for an Azure Active Directory B2C tenant.

Possible values are LocalAccount and null. When creating a local account, the property is required and you must set it to LocalAccount. When creating a work or school account, do not specify the property or set it to null.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Department

Specifies the user's department.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DisplayName

Specifies the user's display name.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ExtensionProperty

The New-AzureADUser cmdlet creates a user in Azure Active Directory (Azure AD).

Parameter properties

Type:

Dictionary<TKey,TValue>[System.String,System.String]

Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-FacsimileTelephoneNumber

This specifies the user's telephone number.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-GivenName

Specifies the user's given name.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ImmutableId

This property is used to associate an on-premises Active Directory user account to their Azure AD user object. This property must be specified when creating a new user account in the Graph if you are using a federated domain for the user's userPrincipalName (UPN) property.

Important: The $ and _ characters cannot be used when specifying this property.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-IsCompromised

Indicates whether this user is compromised.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-JobTitle

Specifies the user's job title.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-MailNickName

Specifies the user's mail nickname.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Mobile

Specifies the user's mobile phone number.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-OtherMails

A list of additional email addresses for the user. For example, bob@contoso.com, Robert@fabrikam.com.

Parameter properties

Type:

List<T>[String]

Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PasswordPolicies

Specifies password policies for the user.

This value is an enumeration with one possible value being DisableStrongPassword, which allows weaker passwords than the default policy to be specified. DisablePasswordExpiration can also be specified. The two may be specified together; for example: "DisablePasswordExpiration, DisableStrongPassword".

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PasswordProfile

Specifies the user's password profile. Note that the parameter type for this parameter is PasswordProfile. In order to pass a parameter of this type, you first need to;

  1. create a variable in PowerShell with that type:

$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile

  1. Set the value of the password in this variable:

$PasswordProfile.Password = "\<Password\>"

  1. Finally pass this variable to the cmdlet:

New-AzureADUser -PasswordProfile $PasswordProfile ...

Other attributes that can be set in the PasswordProfile are:

  • $PasswordProfile.EnforceChangePasswordPolicy - a boolean indicating that the change password policy is enabled or disabled for this user.
  • $PasswordProfile.ForceChangePasswordNextLogin - a boolean indicating that the user must change the password at the next sign in.

Parameter properties

Type:PasswordProfile
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PhysicalDeliveryOfficeName

Specifies the user's physical delivery office name.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PostalCode

Specifies the user's postal code.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PreferredLanguage

Specifies the user's preferred language.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ShowInAddressList

If True, show this user in the address list.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-SignInNames

Specifies the collection of sign-in names for a local account in an Azure Active Directory B2C tenant.

Each sign-in name must be unique across the company/tenant. The property must be specified when you create a local account user. Do not specify it when you create a work or school account.

Parameter properties

Type:

List<T>[Microsoft.Open.AzureAD.Model.SignInName]

Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-State

Specifies the user's state.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-StreetAddress

Specifies the user's street address.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Surname

Specifies the user's surname.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-TelephoneNumber

Specifies a telephone number.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-UsageLocation

A two letter country or region code (ISO standard 3166).

It's required for users that will be assigned licenses due to legal requirements to check for availability of services in countries and regions. Examples include: US, JP, and GB.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-UserPrincipalName

Specifies the user's principal name (UPN).

The UPN is an Internet-style login name for the user based on the Internet standard RFC 822. By convention, this should map to the user's email name. The general format is alias@domain.

For work or school accounts, the domain must be present in the tenant's collection of verified domains. This property is required when a work or school account is created; it is optional for local accounts.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-UserState

The New-AzureADUser cmdlet creates a user in Azure Active Directory (Azure AD).

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-UserStateChangedOn

The New-AzureADUser cmdlet creates a user in Azure Active Directory (Azure AD).

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-UserType

A string value that can be used to classify user types in your directory, such as "Member" and "Guest".

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Notes

See the migration guide for New-AzureADUser to the Microsoft Graph PowerShell.