Set-MsolUser

Updated: July 30, 2015

Applies To: Azure, Office 365, Windows Intune

Note



  • The cmdlets were previously known as the Microsoft Online Services Module for Windows PowerShell cmdlets.

The Set-MsolUser cmdlet is used to update a user object. This cmdlet should be used for basic properties only. The licenses, password, and User Principal Name for a user can be updated through the Set-MsolUserLicense, Set-MsolUserPassword, and Set-MsolUserPrincipalName cmdlets respectively.

Syntax

Set-MsolUser [-AlternateEmailAddresses <string[]>] [-BlockCredential <Boolean>] [-City <string>] [-Country <string>] [-Department <string>] [-DisplayName <string>] [-Fax <string>] [-FirstName <string>] [-ImmutableId <string>] [-LastName <string>] [-MobilePhone <string>] [-ObjectId <Guid>] [-Office <string>] [-PasswordNeverExpires <Boolean>] [-PhoneNumber <string>] [-PostalCode <string>] [-PreferredLanguage <string>] [-State <string>] [-StreetAddress <string>] [-StrongPasswordRequired <Boolean>] [-TenantId <Guid>] [-Title <string>] [-UsageLocation <string>] [-UserPrincipalName <string>] [<CommonParameters>]

Parameters

    -AlternateEmailAddresses <string[]>
        Alternate email addresses of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -BlockCredential <Boolean>
        When true, the user will not be able to sign in using their user ID.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -City <string>
        The city of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -Country <string>
        The country or region of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -Department <string>
        The department of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -DisplayName <string>
        The display name of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -Fax <string>
        The fax number of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -FirstName <string>
        The first name of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -ImmutableId <string>
        The immutable ID of the user's federated identity. This should be 
        omitted for users with standard identities.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -LastName <string>
        The last name of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -MobilePhone <string>
        The mobile phone number of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -ObjectId <Guid>
        The unique ID of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -Office <string>
        The location of the office of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -PasswordNeverExpires <Boolean>
        Sets whether or not the user's password will expire periodically.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -PhoneNumber <string>
        The phone number of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -PostalCode <string>
        The postal code for the user's location.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -PreferredLanguage <string>
        The preferred language of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -State <string>
        The state or province where the user is located.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -StreetAddress <string>
        The street address of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -StrongAuthenticationRequirements <Microsoft.Online.Administration.StrongAuthenticationRequirement>
        The multi-factor authentication settings of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       false 
        Accept wildcard characters?  false
        
    -StrongPasswordRequired <Boolean>
        Sets whether or not the user requires a strong password.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -TenantId <Guid>
        The unique ID of the tenant to perform the operation on. If this is 
        not provided, then the value will default to the tenant of the current 
        user. This parameter is only applicable to partner users.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -Title <string>
        The title of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -UsageLocation <string>
        The location of the user where services are consumed. Must be a 
        two-letter country code.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -UserPrincipalName <string>
        The user ID of the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    <CommonParameters>
        This cmdlet supports the common parameters: Verbose, Debug,
        ErrorAction, ErrorVariable, WarningAction, WarningVariable,
        OutBuffer and OutVariable. For more information, type,
        "get-help about_commonparameters".

Examples

The following examples show how the cmdlet can be used.

Example 1

The following command sets block credential to true for a CCole, which blocks that user from being able to sign in. This command cannot be used on a synced user. If the user is synced, then you would disable the account in the on-premises federated Active Directory Domain Service (AD DS) domain.

Set-MsolUser -UserPrincipalName CCole@contoso.com -blockcredential $true

Example 2

The following command updates the display name for the specified user.

Set-MsolUser -UserPrincipalName JWarner@contoso.com -DisplayName "Jmie Warner" -Title "Manager" -Department "Finance"

Example 3

The following command sets the location (country) of this user. The country must be a two-letter ISO code. This can be set for synced users as well as managed users.

Set-MsolUser -UserPrincipalName user@contoso.com -UsageLocation "CA"

Example 4

The following command sets the multi-factor authentication on this user.

Enable a user:

$st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
$st.RelyingParty = "*"
$st.State = “Enabled”
$sta = @($st)
Set-MsolUser -UserPrincipalName user@contoso.com  -StrongAuthenticationRequirements $sta
 

Enforce a user:

$st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
$st.RelyingParty = "*"
$st.State = “Enforced”
$sta = @($st)
Set-MsolUser -UserPrincipalName user@contoso.com  -StrongAuthenticationRequirements $sta
 

Disable a user:

$sta = @()
Set-MsolUser -UserPrincipalName user@contoso.com  -StrongAuthenticationRequirements $sta

Additional Resources

There are several other places you can get more information and help. These include:

See Also

Other Resources

Manage Azure Active Directory by using Windows PowerShell