New-EntraGroup
Creates a Microsoft Entra ID group.
Syntax
Default (Default)
New-EntraGroup
-DisplayName <String>
[-GroupTypes <System.Collections.Generic.List`1[System.String]>]
-SecurityEnabled <Boolean>
[-Description <String>]
-MailEnabled <Boolean>
-MailNickname <String>
[-Visibility <String>]
[-IsAssignableToRole <Boolean>]
[<CommonParameters>]
Description
The New-EntraGroup cmdlet creates a Microsoft Entra ID group. Specify the DisplayName, MailNickname, MailEnabled and SecurityEnabled parameters for creating a Microsoft Entra ID group.
For information about creating dynamic groups, see: Using attributes to create advanced rules.
Notes on permissions:
- To create the group with users as owners or members, the app must have at least the
User.Read.Allpermission. - To create the group with other service principals as owners or members, the app must have at least the
Application.Read.Allpermission. - To create the group with either users or service principals as owners or members, the app must have at least the
Directory.Read.Allpermission.
Parameters
-Description
Specifies a description for the group.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DisplayName
Specifies a display name for the group.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-GroupTypes
Specifies that the group is a unified or dynamic group.
Notes:
- This parameter currently can't be used to create dynamic groups. To create a dynamic group in PowerShell, you must use the Entra module.
Parameter properties
| Type: | System.Collections.Generic.List`1[System.String] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-IsAssignableToRole
Indicates whether group can be assigned to a role. This property can only be set at the time of group creation and can't be modified on an existing group.
Parameter properties
| Type: | System.Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-MailEnabled
Specifies whether this group is mail enabled.
Currently, you can't create mail enabled groups in Microsoft Entra ID.
Parameter properties
| Type: | System.Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-MailNickname
Specifies a mail nickname for the group. If MailEnabled is $False, you must still specify a mail nickname.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SecurityEnabled
Specifies whether the group is security enabled. For security groups, this value must be $True.
Parameter properties
| Type: | System.Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Visibility
This parameter determines the visibility of the group's content and members list.
This parameter can take one of the following values:
- "Public" - Anyone can view the contents of the group
- "Private" - Only members can view the content of the group
- "HiddenMembership" - Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator and Helpdesk Administrators can view the members list of the group.
If no value is provided, the default value is "Public".
Notes:
- This parameter is only valid for groups that have the groupType set to "Unified".
- If a group has this attribute set to "HiddenMembership", it can't be changed later.
- Anyone can join a group that has this attribute set to "Public". If the attribute is set to Private or HiddenMembership, only owners can add new members to the group and requests to join the group need approval of the owners.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.