New-EntraGroup
Creates a Microsoft Entra ID group.
Syntax
Default (Default)
New-EntraGroup
-DisplayName <String>
[-GroupTypes <System.Collections.Generic.List`1[System.String]>]
-SecurityEnabled <Boolean>
[-Description <String>]
-MailEnabled <Boolean>
-MailNickname <String>
[-Visibility <String>]
[-IsAssignableToRole <Boolean>]
[<CommonParameters>]
Description
The New-EntraGroup
cmdlet creates a Microsoft Entra ID group. Specify the DisplayName
, MailNickname
, MailEnabled
and SecurityEnabled
parameters for creating a Microsoft Entra ID group.
For information about creating dynamic groups, see: Using attributes to create advanced rules.
Notes on permissions:
- To create the group with users as owners or members, the app must have at least the
User.Read.All
permission. - To create the group with other service principals as owners or members, the app must have at least the
Application.Read.All
permission. - To create the group with either users or service principals as owners or members, the app must have at least the
Directory.Read.All
permission.
Parameters
-Description
Specifies a description for the group.
Parameter properties
Type: | System.String |
Default value: | None |
Supports wildcards: | False |
DontShow: | False |
Parameter sets
(All)
Position: | Named |
Mandatory: | False |
Value from pipeline: | False |
Value from pipeline by property name: | False |
Value from remaining arguments: | False |
-DisplayName
Specifies a display name for the group.
Parameter properties
Type: | System.String |
Default value: | None |
Supports wildcards: | False |
DontShow: | False |
Parameter sets
(All)
Position: | Named |
Mandatory: | True |
Value from pipeline: | False |
Value from pipeline by property name: | False |
Value from remaining arguments: | False |
-GroupTypes
Specifies that the group is a unified or dynamic group.
Notes:
- This parameter currently can't be used to create dynamic groups. To create a dynamic group in PowerShell, you must use the Entra module.
Parameter properties
Type: | System.Collections.Generic.List`1[System.String] |
Default value: | None |
Supports wildcards: | False |
DontShow: | False |
Parameter sets
(All)
Position: | Named |
Mandatory: | False |
Value from pipeline: | False |
Value from pipeline by property name: | False |
Value from remaining arguments: | False |
-IsAssignableToRole
Indicates whether group can be assigned to a role. This property can only be set at the time of group creation and can't be modified on an existing group.
Parameter properties
Type: | System.Boolean |
Default value: | None |
Supports wildcards: | False |
DontShow: | False |
Parameter sets
(All)
Position: | Named |
Mandatory: | False |
Value from pipeline: | False |
Value from pipeline by property name: | False |
Value from remaining arguments: | False |
-MailEnabled
Specifies whether this group is mail enabled.
Currently, you can't create mail enabled groups in Microsoft Entra ID.
Parameter properties
Type: | System.Boolean |
Default value: | None |
Supports wildcards: | False |
DontShow: | False |
Parameter sets
(All)
Position: | Named |
Mandatory: | True |
Value from pipeline: | False |
Value from pipeline by property name: | False |
Value from remaining arguments: | False |
-MailNickname
Specifies a mail nickname for the group. If MailEnabled is $False, you must still specify a mail nickname.
Parameter properties
Type: | System.String |
Default value: | None |
Supports wildcards: | False |
DontShow: | False |
Parameter sets
(All)
Position: | Named |
Mandatory: | True |
Value from pipeline: | False |
Value from pipeline by property name: | False |
Value from remaining arguments: | False |
-SecurityEnabled
Specifies whether the group is security enabled. For security groups, this value must be $True.
Parameter properties
Type: | System.Boolean |
Default value: | None |
Supports wildcards: | False |
DontShow: | False |
Parameter sets
(All)
Position: | Named |
Mandatory: | True |
Value from pipeline: | False |
Value from pipeline by property name: | False |
Value from remaining arguments: | False |
-Visibility
This parameter determines the visibility of the group's content and members list.
This parameter can take one of the following values:
- "Public" - Anyone can view the contents of the group
- "Private" - Only members can view the content of the group
- "HiddenMembership" - Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator and Helpdesk Administrators can view the members list of the group.
If no value is provided, the default value is "Public".
Notes:
- This parameter is only valid for groups that have the groupType set to "Unified".
- If a group has this attribute set to "HiddenMembership", it can't be changed later.
- Anyone can join a group that has this attribute set to "Public". If the attribute is set to Private or HiddenMembership, only owners can add new members to the group and requests to join the group need approval of the owners.
Parameter properties
Type: | System.String |
Default value: | None |
Supports wildcards: | False |
DontShow: | False |
Parameter sets
(All)
Position: | Named |
Mandatory: | False |
Value from pipeline: | False |
Value from pipeline by property name: | False |
Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.