New-AzADGroup
Adds new entity to groups
Syntax
New-AzADGroup
-DisplayName <String>
-MailNickname <String>
[-AcceptedSender <IMicrosoftGraphDirectoryObject[]>]
[-AdditionalProperties <Hashtable>]
[-AppRoleAssignment <IMicrosoftGraphAppRoleAssignmentAutoGenerated[]>]
[-Classification <String>]
[-CreatedOnBehalfOf <IMicrosoftGraphDirectoryObject>]
[-DeletedDateTime <DateTime>]
[-Description <String>]
[-GroupType <String[]>]
[-HasMembersWithLicenseError]
[-IsArchived]
[-IsAssignableToRole]
[-MailEnabled]
[-MembershipRule <String>]
[-MembershipRuleProcessingState <String>]
[-PermissionGrant <IMicrosoftGraphResourceSpecificPermissionGrant[]>]
[-PreferredDataLocation <String>]
[-PreferredLanguage <String>]
[-SecurityEnabled]
[-SecurityIdentifier <String>]
[-Theme <String>]
[-TransitiveMember <IMicrosoftGraphDirectoryObject[]>]
[-TransitiveMemberOf <IMicrosoftGraphDirectoryObject[]>]
[-Visibility <String>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Adds new entity to groups
Examples
Example 1: Create group
New-AzADGroup -DisplayName $gname -MailNickname $nickname
Create group
Parameters
-AcceptedSender
The list of users or groups that are allowed to create post's or calendar events in this group. If this list is non-empty then only users or groups listed here are allowed to post. To construct, see NOTES section for ACCEPTEDSENDER properties and create a hash table.
Type: | IMicrosoftGraphDirectoryObject[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AdditionalProperties
Additional Parameters
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppRoleAssignment
Represents the app roles a group has been granted for an application. Supports $expand. To construct, see NOTES section for APPROLEASSIGNMENT properties and create a hash table.
Type: | IMicrosoftGraphAppRoleAssignmentAutoGenerated[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Classification
Describes a classification for the group (such as low, medium or high business impact). Valid values for this property are defined by creating a ClassificationList setting value, based on the template definition.Returned by default. Supports $filter (eq, ne, NOT, ge, le, startsWith).
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CreatedOnBehalfOf
Represents an Azure Active Directory object. The directoryObject type is the base type for many other directory entity types. To construct, see NOTES section for CREATEDONBEHALFOF properties and create a hash table.
Type: | IMicrosoftGraphDirectoryObject |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Type: | PSObject |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DeletedDateTime
.
Type: | DateTime |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Description
An optional description for the group. Returned by default. Supports $filter (eq, ne, NOT, ge, le, startsWith) and $search.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisplayName
The display name for the group. This property is required when a group is created and cannot be cleared during updates. Returned by default. Supports $filter (eq, ne, NOT, ge, le, in, startsWith), $search, and $orderBy.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GroupType
Specifies the group type and its membership. If the collection contains Unified, the group is a Microsoft 365 group; otherwise, it's either a security group or distribution group. For details, see groups overview.If the collection includes DynamicMembership, the group has dynamic membership; otherwise, membership is static. Returned by default. Supports $filter (eq, NOT).
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-HasMembersWithLicenseError
Indicates whether there are members in this group that have license errors from its group-based license assignment. This property is never returned on a GET operation. You can use it as a $filter argument to get groups that have members with license errors (that is, filter for this property being true). Supports $filter (eq).
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IsArchived
.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IsAssignableToRole
Indicates whether this group can be assigned to an Azure Active Directory role.This property can only be set while creating the group and is immutable. If set to true, the securityEnabled property must also be set to true and the group cannot be a dynamic group (that is, groupTypes cannot contain DynamicMembership). Only callers in Global administrator and Privileged role administrator roles can set this property. The caller must also be assigned the Directory.AccessAsUser.All permission to set this property. For more, see Using a group to manage Azure AD role assignmentsReturned by default. Supports $filter (eq, ne, NOT).
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MailEnabled
Specifies whether the group is mail-enabled. Returned by default. Supports $filter (eq, ne, NOT).
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MailNickname
The mail alias for the group, unique in the organization. This property must be specified when a group is created. These characters cannot be used in the mailNickName: @()/[]';:.<>,SPACE. Returned by default. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MembershipRule
The rule that determines members for this group if the group is a dynamic group (groupTypes contains DynamicMembership). For more information about the syntax of the membership rule, see Membership Rules syntax. Returned by default. Supports $filter (eq, ne, NOT, ge, le, startsWith).
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MembershipRuleProcessingState
Indicates whether the dynamic membership processing is on or paused. Possible values are On or Paused. Returned by default. Supports $filter (eq, ne, NOT, in).
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PermissionGrant
The permissions that have been granted for a group to a specific application. Supports $expand. To construct, see NOTES section for PERMISSIONGRANT properties and create a hash table.
Type: | IMicrosoftGraphResourceSpecificPermissionGrant[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PreferredDataLocation
The preferred data location for the group. For more information, see OneDrive Online Multi-Geo. Returned by default.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PreferredLanguage
The preferred language for a Microsoft 365 group. Should follow ISO 639-1 Code; for example 'en-US'. Returned by default. Supports $filter (eq, ne, NOT, ge, le, in, startsWith).
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SecurityEnabled
Specifies whether the group is a security group. Returned by default. Supports $filter (eq, ne, NOT, in).
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SecurityIdentifier
Security identifier of the group, used in Windows scenarios. Returned by default.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Theme
Specifies a Microsoft 365 group's color theme. Possible values are Teal, Purple, Green, Blue, Pink, Orange or Red. Returned by default.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-TransitiveMember
. To construct, see NOTES section for TRANSITIVEMEMBER properties and create a hash table.
Type: | IMicrosoftGraphDirectoryObject[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-TransitiveMemberOf
. To construct, see NOTES section for TRANSITIVEMEMBEROF properties and create a hash table.
Type: | IMicrosoftGraphDirectoryObject[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Visibility
Specifies the group join policy and group content visibility for groups. Possible values are: Private, Public, or Hiddenmembership. Hiddenmembership can be set only for Microsoft 365 groups, when the groups are created. It can't be updated later. Other values of visibility can be updated after group creation. If visibility value is not specified during group creation on Microsoft Graph, a security group is created as Private by default and Microsoft 365 group is Public. See group visibility options to learn more. Returned by default.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Outputs
Notes
ALIASES
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
ACCEPTEDSENDER <IMicrosoftGraphDirectoryObject[]>: The list of users or groups that are allowed to create post's or calendar events in this group. If this list is non-empty then only users or groups listed here are allowed to post.
[DeletedDateTime <DateTime?>]
:[DisplayName <String>]
: The name displayed in directory
APPROLEASSIGNMENT <IMicrosoftGraphAppRoleAssignmentAutoGenerated[]>: Represents the app roles a group has been granted for an application. Supports $expand.
[DeletedDateTime <DateTime?>]
:[DisplayName <String>]
: The name displayed in directory[AppRoleId <String>]
: The identifier (id) for the app role which is assigned to the principal. This app role must be exposed in the appRoles property on the resource application's service principal (resourceId). If the resource application has not declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create.[CreatedDateTime <DateTime?>]
: The time when the app role assignment was created.The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only.[PrincipalDisplayName <String>]
: The display name of the user, group, or service principal that was granted the app role assignment. Read-only. Supports $filter (eq and startswith).[PrincipalId <String>]
: The unique identifier (id) for the user, group or service principal being granted the app role. Required on create.[PrincipalType <String>]
: The type of the assigned principal. This can either be User, Group or ServicePrincipal. Read-only.[ResourceDisplayName <String>]
: The display name of the resource app's service principal to which the assignment is made.[ResourceId <String>]
: The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only).
CREATEDONBEHALFOF <IMicrosoftGraphDirectoryObject>
: Represents an Azure Active Directory object. The directoryObject type is the base type for many other directory entity types.
[DeletedDateTime <DateTime?>]
:[DisplayName <String>]
: The name displayed in directory
PERMISSIONGRANT <IMicrosoftGraphResourceSpecificPermissionGrant[]>: The permissions that have been granted for a group to a specific application. Supports $expand.
[DeletedDateTime <DateTime?>]
:[DisplayName <String>]
: The name displayed in directory[ClientAppId <String>]
: ID of the service principal of the Azure AD app that has been granted access. Read-only.[ClientId <String>]
: ID of the Azure AD app that has been granted access. Read-only.[Permission <String>]
: The name of the resource-specific permission. Read-only.[PermissionType <String>]
: The type of permission. Possible values are: Application, Delegated. Read-only.[ResourceAppId <String>]
: ID of the Azure AD app that is hosting the resource. Read-only.
TRANSITIVEMEMBER <IMicrosoftGraphDirectoryObject[]>: .
[DeletedDateTime <DateTime?>]
:[DisplayName <String>]
: The name displayed in directory
TRANSITIVEMEMBEROF <IMicrosoftGraphDirectoryObject[]>: .
[DeletedDateTime <DateTime?>]
:[DisplayName <String>]
: The name displayed in directory
Azure PowerShell