Edit

Share via


New-EntraGroup

Creates a Microsoft Entra ID group.

Syntax

Default (Default)

New-EntraGroup

    -DisplayName <String>
    [-GroupTypes <System.Collections.Generic.List`1[System.String]>]
    -SecurityEnabled <Boolean>
    [-Description <String>]
    -MailEnabled <Boolean>
    -MailNickname <String>
    [-Visibility <String>]
    [-IsAssignableToRole <Boolean>]
    [<CommonParameters>]

Description

The New-EntraGroup cmdlet creates a Microsoft Entra ID group. Specify the DisplayName, MailNickname, MailEnabled and SecurityEnabled parameters for creating a Microsoft Entra ID group.

For information about creating dynamic groups, see: Using attributes to create advanced rules.

Notes on permissions:

  • To create the group with users as owners or members, the app must have at least the User.Read.All permission.
  • To create the group with other service principals as owners or members, the app must have at least the Application.Read.All permission.
  • To create the group with either users or service principals as owners or members, the app must have at least the Directory.Read.All permission.

Parameters

-Description

Specifies a description for the group.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DisplayName

Specifies a display name for the group.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-GroupTypes

Specifies that the group is a unified or dynamic group.

Notes:

  • This parameter currently can't be used to create dynamic groups. To create a dynamic group in PowerShell, you must use the Entra module.

Parameter properties

Type:

System.Collections.Generic.List`1[System.String]

Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-IsAssignableToRole

Indicates whether group can be assigned to a role. This property can only be set at the time of group creation and can't be modified on an existing group.

Parameter properties

Type:System.Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-MailEnabled

Specifies whether this group is mail enabled.

Currently, you can't create mail enabled groups in Microsoft Entra ID.

Parameter properties

Type:System.Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-MailNickname

Specifies a mail nickname for the group. If MailEnabled is $False, you must still specify a mail nickname.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-SecurityEnabled

Specifies whether the group is security enabled. For security groups, this value must be $True.

Parameter properties

Type:System.Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Visibility

This parameter determines the visibility of the group's content and members list.

This parameter can take one of the following values:

  • "Public" - Anyone can view the contents of the group
  • "Private" - Only members can view the content of the group
  • "HiddenMembership" - Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator and Helpdesk Administrators can view the members list of the group.

If no value is provided, the default value is "Public".

Notes:

  • This parameter is only valid for groups that have the groupType set to "Unified".
  • If a group has this attribute set to "HiddenMembership", it can't be changed later.
  • Anyone can join a group that has this attribute set to "Public". If the attribute is set to Private or HiddenMembership, only owners can add new members to the group and requests to join the group need approval of the owners.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

None

Outputs

System.Object