Edit

Share via

Set-EntraBetaUser

Module:
Microsoft.Entra.Beta Module v1.1

Updates a user.

Syntax

Default (Default) 

Set-EntraBetaUser

    -UserId <String>
    [-PostalCode <String>]
    [-CompanyName <String>]
    [-GivenName <String>]
    [-Mobile <String>]
    [-PreferredLanguage <String>]
    [-CreationType <String>]
    [-UsageLocation <String>]
    [-UserType <String>]
    [-AgeGroup <String>]
    [-MailNickName <String>]
    [-ExtensionProperty <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
    [-ConsentProvidedForMinor <String>]
    [-ImmutableId <String>]
    [-Country <String>]
    [-SignInNames <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName]>]
    [-Department <String>]
    [-StreetAddress <String>]
    [-PasswordPolicies <String>]
    [-JobTitle <String>]
    [-City <String>]
    [-OtherMails <System.Collections.Generic.List`1[System.String]>]
    [-UserPrincipalName <String>]
    [-DisplayName <String>]
    [-AccountEnabled <Boolean>]
    [-PasswordProfile <PasswordProfile>]
    [-State <String>]
    [-TelephoneNumber <String>]
    [-Surname <String>]
    [-ShowInAddressList <Boolean>]
    [<CommonParameters>]

Description

The Set-EntraBetaUser cmdlet updates a user in Microsoft Entra ID. Specify the UserId parameter to update a user in Microsoft Entra ID.

Update-EntraBetaUser is an alias for Set-EntraBetaUser.

Examples

Example 1: Update a user

Connect-Entra -Scopes 'User.ReadWrite.All'
Set-EntraBetaUser -UserId 'SawyerM@contoso.com' -DisplayName 'Updated user Name'

This example updates the specified user's Display name parameter.

  • -UserId Specifies the ID as a user principal name (UPN) or UserId.

Example 2: Set the specified user's AccountEnabled parameter

Connect-Entra -Scopes 'User.ReadWrite.All'
Set-EntraBetaUser -UserId 'SawyerM@contoso.com' -AccountEnabled $true

This example updates the specified user's AccountEnabled parameter.

  • -UserId Specifies the ID as a user principal name (UPN) or UserId.
  • -AccountEnabled Specifies whether the account is enabled.
Connect-Entra -Scopes 'User.ReadWrite.All'
Get-EntraBetaUser -All | Where-Object -Property DisplayName -Match '(George|James|Education)' |
ForEach-Object { Set-EntraBetaUser -UserId $($_.Id) -AgeGroup 'minor' -ConsentProvidedForMinor 'granted' }

This example updates the specified user's as minors with parental consent.

  • -UserId Specifies the ID as a user principal name (UPN) or UserId.
  • -ConsentProvidedForMinor Sets whether consent has to obtained for minors. Allowed values: null, granted, denied, and notRequired.

Example 4: Set the specified user's property

Connect-Entra -Scopes 'User.ReadWrite.All'
$params = @{
    UserId           = 'SawyerM@contoso.com'
    City             = 'Add city name'
    CompanyName      = 'Microsoft'
    Country          = 'Add country name'
    Department       = 'Add department name'
    GivenName        = 'Sawyer Miller G'
    JobTitle         = 'Manager'
    MailNickName     = 'Add mailnickname'
    Mobile           = '9984534564'
    OtherMails       = 'johndoe@contosodev.com'
    PasswordPolicies = 'DisableStrongPassword'
    State            = 'UP'
    StreetAddress    = 'Add address'
    UserType         = 'Member'
}
Set-EntraBetaUser @params

This example updates the specified user's property.

  • -UserId Specifies the ID as a user principal name (UPN) or UserId.
  • -UserType classify user types in your directory, such as "Member" and "Guest."
  • -PasswordPolicies Specifies password policies for the user.
  • -OtherMails Specifies other email addresses for the user

Example 5: Set the specified user's PasswordProfile parameter

Connect-Entra -Scopes 'User.ReadWrite.All'
Set-EntraBetaUser -UserId 'SawyerM@contoso.com' -PasswordProfile @{
    Password = '*****'
    ForceChangePasswordNextSignIn = $true
}

This example updates the specified user's PasswordProfile parameter.

  • -UserId Specifies the ID as a user principal name (UPN) or UserId.
  • -PasswordProfile specifies the user's password profile.

Example 6: Set user's usage location for license assignment

Connect-Entra -Scopes 'User.ReadWrite.All'
Set-EntraBetaUser -UserId 'SawyerM@contoso.com' -UsageLocation 'US'

This example updates the specified user's Usage Location for license management.

  • -UserId Specifies the ID as a user principal name (UPN) or UserId.
  • -UsageLocation specifies the user's usage location. Two-letter ISO 3166 country code. Required for licensed users to check service availability. Examples: US, JP, GB. Not nullable.

Example 7: Update user's password policy

Connect-Entra -Scopes 'User.ReadWrite.All'
Get-EntraBetaUser -UserId 'SawyerM@contoso.com' | Set-EntraBetaUser -PasswordPolicies DisablePasswordExpiration

This example updates the specified user's password policy.

Possible values for password policy include:

  • DisableStrongPassword: Allows weaker passwords than the default policy.
  • DisablePasswordExpiration: Prevents passwords from expiring.

You can specify both values together, for example: DisablePasswordExpiration and DisableStrongPassword. For example, Set-EntraBetaUser -UserId 'SawyerM@contoso.com' -PasswordPolicies "DisablePasswordExpiration,DisableStrongPassword".

Example 8: Set user's extension properties

Connect-Entra -Scopes 'User.ReadWrite.All'
$application = Get-EntraBetaApplication -Filter "DisplayName eq 'Helpdesk Application'"
$extensionName = (Get-EntraBetaApplicationExtensionProperty -ApplicationId $application.Id).Name | Select-Object -First 1
$additionalProperties = @{ $extensionName = "Survey.Report" }
Set-EntraBetaUser -UserId 'SawyerM@contoso.com' -AdditionalProperties $additionalProperties

This example updates the specified user's extension properties, for example, an app role for an application.

  • -UserId Specifies the ID as a user principal name (UPN) or UserId.

Example 9: update user's onPremisesExtension attributes properties

Connect-Entra -Scopes 'User.ReadWrite.All'
Set-EntraBetaUser -UserId 'SawyerM@contoso.com' -AdditionalProperties @{
    onPremisesExtensionAttributes = @{
        extensionAttribute1 = "Job Group D"
        extensionAttribute2 = "Audit Role"
    }
}

This example updates the specified user's onPremisesExtensionAttributes properties.

  • -UserId Specifies the ID as a user principal name (UPN) or UserId.

Example 10: update user's phone details

Connect-Entra -Scopes 'User.ReadWrite.All'
Set-EntraBetaUser -UserId 'SawyerM@contoso.com' -BusinessPhones '+1 425 555 0109' -OfficeLocation '18/2111'

This example updates the specified user's onPremisesExtensionAttributes properties.

  • -UserId Specifies the ID as a user principal name (UPN) or UserId.

Parameters

-AccountEnabled

Indicates whether the account is enabled.

Parameter properties

Type:System.Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-AgeGroup

Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated based on ageGroup and consentProvidedForMinor properties. Allowed values: null, minor, notAdult, and adult. See, legal-age-group.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-City

Specifies the user's city.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CompanyName

The company name, which the user is associated. This property can be useful for describing the company that an external user comes from. The maximum length of the company name is 64 characters.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ConsentProvidedForMinor

Sets whether consent has to obtained for minors. Allowed values: null, granted, denied, and notRequired.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Country

Specifies the user's country.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CreationType

Indicates whether the user account is a local account for a Microsoft Entra ID B2C tenant. Possible values are "LocalAccount" and null. When creating a local account, the property is required and you must set it to "LocalAccount". When creating a work or school account, don't specify the property or set it to null.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Department

Specifies the user's department.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DisplayName

Specifies the user's display name.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ExtensionProperty

Add data to custom user properties as the basic open extensions or the more versatile schema extensions.

Parameter properties

Type:

System.Collections.Generic.Dictionary`2[System.String,System.String]

Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-GivenName

Specifies the user's given name.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ImmutableId

This property links an on-premises Active Directory user account to its Microsoft Entra ID user object. You must specify this property when creating a new user account in Graph if the user's userPrincipalName uses a federated domain.

Important: Do not use the $ and _ characters when specifying this property.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-JobTitle

Specifies the user's job title.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-MailNickName

Specifies a nickname for the user's mail address.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Mobile

Specifies the user's mobile phone number.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-OtherMails

Specifies other email addresses for the user.

Parameter properties

Type:

System.Collections.Generic.List`1[System.String]

Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PasswordPolicies

Specifies password policies for the user.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PasswordProfile

Specifies the user's password profile.

Parameter properties

Type:PasswordProfile
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PostalCode

Specifies the user's postal code.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PreferredLanguage

Specifies the user's preferred language.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ShowInAddressList

Set to True to show this user in the address list.

Parameter properties

Type:System.Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-SignInNames

The list of sign in names for this user

Parameter properties

Type:

System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName]

Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-State

Specifies the user's state.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-StreetAddress

Specifies the user's street address.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Surname

Specifies the user's surname.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-TelephoneNumber

Specifies the user's telephone number.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-UsageLocation

A two letter country or region code (ISO standard 3166). Required for users that assigned licenses due to legal requirement to check for availability of services in country and regions. Examples include: "US," "JP," and "GB." Not nullable.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-UserId

Specifies the ID of a user (as a User Principle Name or UserId) in Microsoft Entra ID.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False
Aliases:ObjectId, UPN, Identity, UserPrincipalName

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

-UserPrincipalName

Specifies the user's user principal name.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-UserType

A string value that can be used to classify user types in your directory, such as "Member" and "Guest."

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Notes

Update-EntraBetaUser is an alias for Set-EntraBetaUser.