New-AzureADGroup
This article provides migration details from New-AzureADGroup command to Microsoft Graph PowerShell.
Summary
- Azure AD Command: New-AzureADGroup
- Azure AD Module: AzureAD
- Microsoft Graph Command: New-MgGroup (Community Examples)
- Graph Module: Microsoft.Graph.Groups
- Graph Endpoint: POST /groups
Permissions
Permission type | Least privileged permissions | Higher privileged permissions |
---|---|---|
Delegated (work or school account) | Group.ReadWrite.All | Directory.ReadWrite.All |
Delegated (personal Microsoft account) | Not supported. | Not supported. |
Application | Group.Create | Directory.ReadWrite.All, Group.ReadWrite.All |
View more details on permissions.
For an app create a group with owners or members while it has the Group.Create permission, the app must have the privileges to read the object type that it wants to assign as the group owner or member. Therefore:
- The app can assign itself as the group's owner or member.
- To create the group with users as owners or members, the app must have at least the User.Read.All permission.
- To create the group with other service principals as owners or members, the app must have at least the Application.Read.All permission.
- To create the group with either users or service principals as owners or members, the app must have at least the Directory.Read.All permission.
Property Mapping
Azure AD Name | Microsoft Graph Name |
---|---|
Description | Description |
DisplayName | DisplayName |
MailEnabled | MailEnabled |
MailNickName | MailNickName |
SecurityEnabled | SecurityEnabled |
Palaute
https://aka.ms/ContentUserFeedback.
Tulossa pian: Vuoden 2024 aikana poistamme asteittain GitHub Issuesin käytöstä sisällön palautemekanismina ja korvaamme sen uudella palautejärjestelmällä. Lisätietoja on täällä:Lähetä ja näytä palaute kohteelle