New-AzureADUser
Creates an Azure AD user.
Syntax
New-AzureADUser
[-ExtensionProperty <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
-AccountEnabled <Boolean>
[-AgeGroup <String>]
[-City <String>]
[-CompanyName <String>]
[-ConsentProvidedForMinor <String>]
[-Country <String>]
[-CreationType <String>]
[-Department <String>]
-DisplayName <String>
[-FacsimileTelephoneNumber <String>]
[-GivenName <String>]
[-IsCompromised <Boolean>]
[-ImmutableId <String>]
[-JobTitle <String>]
[-MailNickName <String>]
[-Mobile <String>]
[-OtherMails <System.Collections.Generic.List`1[System.String]>]
[-PasswordPolicies <String>]
-PasswordProfile <PasswordProfile>
[-PhysicalDeliveryOfficeName <String>]
[-PostalCode <String>]
[-PreferredLanguage <String>]
[-ShowInAddressList <Boolean>]
[-SignInNames <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.SignInName]>]
[-State <String>]
[-StreetAddress <String>]
[-Surname <String>]
[-TelephoneNumber <String>]
[-UsageLocation <String>]
[-UserPrincipalName <String>]
[-UserState <String>]
[-UserStateChangedOn <String>]
[-UserType <String>]
[<CommonParameters>]
Description
The New-AzureADUser cmdlet creates a user in Azure Active Directory (Azure AD).
Examples
Example 1: Create a user
$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
$PasswordProfile.Password = "<Password>"
New-AzureADUser -DisplayName "New User" -PasswordProfile $PasswordProfile -UserPrincipalName "NewUser@contoso.com" -AccountEnabled $true -MailNickName "Newuser"
ObjectId                             DisplayName UserPrincipalName   UserType
--------                             ----------- -----------------   --------
5e8b0f4d-2cd4-4e17-9467-b0f6a5c0c4d0 New user    NewUser@contoso.com Member
This command creates a new user.
Parameters
-AccountEnabled
Indicates whether the user's account is enabled.
Type: | Boolean |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AgeGroup
This specifies the user's age group.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-City
Specifies the user's city.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CompanyName
This specifies the user's company name.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ConsentProvidedForMinor
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Country
Specifies the user's country.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CreationType
Indicates whether the user account is a local account for an Azure Active Directory B2C tenant.
Possible values are LocalAccount and null.
When creating a local account, the property is required and you must set it to LocalAccount.
When creating a work or school account, do not specify the property or set it to null.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Department
Specifies the user's department.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisplayName
Specifies the user's display name.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ExtensionProperty
Type: | Dictionary<TKey,TValue>[System.String,System.String] |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-FacsimileTelephoneNumber
This specifies the user's telephone number.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GivenName
Specifies the user's given name.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ImmutableId
This property is used to associate an on-premises Active Directory user account to their Azure AD user object. This property must be specified when creating a new user account in the Graph if you are using a federated domain for the user's userPrincipalName (UPN) property.
Important: The $ and _ characters cannot be used when specifying this property.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IsCompromised
Indicates whether this user is compromised.
Type: | Boolean |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-JobTitle
Specifies the user's job title.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MailNickName
Specifies the user's mail nickname.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Mobile
Specifies the user's mobile phone number.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-OtherMails
A list of additional email addresses for the user. For example, bob@contoso.com, Robert@fabrikam.com.
Type: | List<T>[String] |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PasswordPolicies
Specifies password policies for the user.
This value is an enumeration with one possible value being DisableStrongPassword, which allows weaker passwords than the default policy to be specified.
DisablePasswordExpiration can also be specified.
The two may be specified together; for example: "DisablePasswordExpiration, DisableStrongPassword".
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PasswordProfile
Specifies the user's password profile.
Note that the parameter type for this parameter is PasswordProfile.
In order to pass a parameter of this type, you first need to:
- Create a variable in PowerShell with that type:
$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
- Set the value of the password in this variable:
$PasswordProfile.Password = "<Password>"
- Finally, pass this variable to the cmdlet:
New-AzureADUser -PasswordProfile $PasswordProfile ...
Other attributes that can be set in the PasswordProfile are:
- $PasswordProfile.EnforceChangePasswordPolicy - a boolean indicating that the change password policy is enabled or disabled for this user.
- $PasswordProfile.ForceChangePasswordNextLogin - a boolean indicating that the user must change the password at the next sign in.
Type: | PasswordProfile |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
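The -PasswordPolicies and -PasswordProfile steps above, combined into a provisioning sketch that generates the initial password instead of hard-coding it, forces a change at first sign-in, and then lists accounts that carry DisableStrongPassword. This is an added example, not part of the original reference; New-TemporaryPassword is a hypothetical helper, the user values are constructed samples, and an authenticated Connect-AzureAD session is assumed.

```powershell
# Added example. New-TemporaryPassword is a hypothetical helper, not an AzureAD cmdlet.
function New-TemporaryPassword {
    param([ValidateRange(12, 128)][int]$Length = 20)
    # Look-alike characters (I, l, O, 0, 1) are left out to ease manual entry.
    $classes = 'ABCDEFGHJKLMNPQRSTUVWXYZ', 'abcdefghijkmnpqrstuvwxyz', '23456789', '!#%*+-=?@'
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        # Uniform integer in [0, $n) for $n <= 256; rejection sampling avoids modulo bias.
        $below = {
            param([int]$n)
            $limit = 256 - (256 % $n)
            $b = New-Object byte[] 1
            do { $rng.GetBytes($b) } while ($b[0] -ge $limit)
            $b[0] % $n
        }
        # One character from each class, then fill from the combined set.
        $chars = @(foreach ($c in $classes) { $c[(& $below $c.Length)] })
        $all = -join $classes
        while ($chars.Count -lt $Length) { $chars += $all[(& $below $all.Length)] }
        # Fisher-Yates shuffle so the guaranteed characters are not at fixed positions.
        for ($i = $chars.Count - 1; $i -gt 0; $i--) {
            $j = & $below ($i + 1)
            $chars[$i], $chars[$j] = $chars[$j], $chars[$i]
        }
        -join $chars
    }
    finally { $rng.Dispose() }
}

$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
$PasswordProfile.Password = New-TemporaryPassword
$PasswordProfile.ForceChangePasswordNextLogin = $true   # initial password is single-use

# -PasswordPolicies is omitted on purpose so the default strong-password policy applies.
# Constructed sample values; hand $PasswordProfile.Password over out of band, never log it.
New-AzureADUser -DisplayName 'New User' -UserPrincipalName 'NewUser@contoso.com' `
    -MailNickName 'Newuser' -AccountEnabled $true -PasswordProfile $PasswordProfile

# Audit: existing users whose policy string contains DisableStrongPassword.
Get-AzureADUser -All $true |
    Where-Object { $_.PasswordPolicies -match 'DisableStrongPassword' } |
    Select-Object ObjectId, UserPrincipalName, PasswordPolicies
```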
-PhysicalDeliveryOfficeName
Specifies the user's physical delivery office name.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PostalCode
Specifies the user's postal code.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PreferredLanguage
Specifies the user's preferred language.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ShowInAddressList
If True, show this user in the address list.
Type: | Boolean |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SignInNames
Specifies the collection of sign-in names for a local account in an Azure Active Directory B2C tenant.
Each sign-in name must be unique across the company/tenant. The property must be specified when you create a local account user. Do not specify it when you create a work or school account.
Type: | List<T>[Microsoft.Open.AzureAD.Model.SignInName] |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-State
Specifies the user's state.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-StreetAddress
Specifies the user's street address.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Surname
Specifies the user's surname.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-TelephoneNumber
Specifies a telephone number.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UsageLocation
A two letter country code (ISO standard 3166).
It's required for users that will be assigned licenses due to legal requirements to check for availability of services in countries.
Examples include: US, JP, and GB.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UserPrincipalName
Specifies the user's principal name (UPN).
The UPN is an Internet-style login name for the user based on the Internet standard RFC 822.
By convention, this should map to the user's email name.
The general format is alias@domain.
For work or school accounts, the domain must be present in the tenant's collection of verified domains. This property is required when a work or school account is created; it is optional for local accounts.
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UserState
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UserStateChangedOn
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UserType
A string value that can be used to classify user types in your directory, such as "Member" and "Guest".
Type: | String |
Position: | Named |
Default value: | None |
Accept pipeline input: | False |
Accept wildcard characters: | False |