This article will teach you how to automate the creation of a single Microsoft Entra ID user account, and of Microsoft Entra ID users in bulk, with a PowerShell script. You can use the PowerShell script I developed to create new Microsoft Entra ID users within your company.
You may have been requested to create a user account within the Microsoft Active Directory if you are a system administrator. If not, you would have at least collaborated with the team responsible for creating user accounts. However, have you ever tried to create a user account using Microsoft Entra ID? If yes, have you ever considered automating the process to make your life easier?
This article will also explain the steps to create bulk Microsoft Entra ID users from a CSV file. Going through the Microsoft Entra admin center and creating each user through the wizard takes time. The PowerShell script will fetch the required attributes from a .csv file you saved locally and create Microsoft Entra ID users. This method will greatly benefit you when you want to create multiple Entra users.
You must install the MS Entra PowerShell Module and connect to the Microsoft Entra ID using the Connect-MgGraph cmdlet before you start automating the creation of a Microsoft Entra ID User. Also, you need to ensure you have enough permissions to create a Microsoft Entra ID user account.
- Best Guide to Install Microsoft Graph PowerShell Modules
- New MS Entra PowerShell Module
- Manage Intune Tasks with PowerShell
Index |
---|
Know More About the Microsoft Entra PowerShell Module |
Create a Microsoft Entra ID user with PowerShell |
Create Microsoft Entra ID Users from CSV with PowerShell |
Know More About the Microsoft Entra PowerShell Module
Recently, Microsoft announced a New MS Entra PowerShell Module in their documentation. The new module helps make managing and automating Microsoft Entra resources easier.
It is designed to help administrators manage and automate different Microsoft Entra resources using commands. It has been developed to be more user-friendly and straightforward, avoiding the complexities of the Graph SDK.
The Microsoft Entra PowerShell module is built on the Microsoft Graph PowerShell SDK and offers a scenario-focused approach to managing Entra resources. To facilitate switching, the module also supports the old Azure AD module.
To install the Microsoft Graph PowerShell SDK, your PowerShell version should be 5.1 or later. However, Microsoft recommends having PowerShell 7 or later. As per Microsoft, no additional prerequisites are required to use the SDK with PowerShell 7 or later. Also, you should have .NET Framework 4.7.2 or later installed on your machine before installing Microsoft Entra PowerShell modules.
Create a Microsoft Entra ID user with PowerShell
You can explore the cmdlets once you install the Microsoft Entra PowerShell modules. Before you start coding, you must understand the required permissions for the cmdlet. The Find-MgGraphCommand cmdlet will help you retrieve the required permission details for any cmdlet. For example, I will see the permission needed to run New-MgUser.
Find-MgGraphCommand -Command New-MgUser | Select-Object -First 1 -ExpandProperty Permissions
As per the output, you may need multiple permissions to run New-MgUser. However, the User.ReadWrite.All permission should be enough for us in this example, as we’re just creating a user account in Microsoft Entra ID.
Name | IsAdmin | Description |
---|---|---|
DeviceManagementApps.ReadWrite.All | FALSE | Read and write Microsoft Intune apps |
User.ReadWrite.All | FALSE | Read and write all users’ full profiles |
Directory.ReadWrite.All | FALSE | Read and write directory data |
DeviceManagementServiceConfig.ReadWrite.All | FALSE | Read and write Microsoft Intune configuration |
DeviceManagementManagedDevices.ReadWrite.All | FALSE | Read and write Microsoft Intune devices |
DeviceManagementConfiguration.ReadWrite.All | FALSE | Read and write Microsoft Intune device configuration and policies |
You must sign in using the Connect-MgGraph command each time to automate your daily tasks.
- Open PowerShell as an Administrator.
- Type Connect-MgGraph with the new permission scopes added and hit Enter.
- PowerShell prompts you to enter the credentials to authenticate to Microsoft Graph.
Connect-MgGraph -Scopes User.ReadWrite.All
I have successfully connected to MgGraph with the necessary permissions. To create a user in Microsoft Entra ID using PowerShell, it is necessary to have the following minimum required attributes:
- -DisplayName
- -MailNickname
- -UserPrincipalName
- -PasswordProfile
- -AccountEnabled
Please assign values to the above attributes, as your script will not function correctly without them. The script below will create a user in Microsoft Entra ID.
####################################################
# Script: Create-EntraIDUser.ps1
# Scope: The below script will Create Microsoft Entra ID user
# Author: Sujin Nelladath
####################################################
# Sign in with the permission needed to create users
Connect-MgGraph -Scopes "User.ReadWrite.All"
# Password profile: the literal below is a sample value, replace it before use.
# The user must complete MFA and change the password at next sign-in.
$Password = @{
    Password = "Password@123!"
    ForceChangePasswordNextSignIn = $true
    ForceChangePasswordNextSignInWithMfa = $true
}
# Define the attributes
$displayname = "Alvin Sen"
$mailnickname = "Alvin.Sen"
# Replace with a UPN that uses a domain verified in your tenant
$UserPrincipalName = "[email protected]"
# Create Microsoft Entra ID user
New-MgUser -DisplayName $displayname -MailNickname $mailnickname -UserPrincipalName $UserPrincipalName -PasswordProfile $Password -AccountEnabled:$true
After running the script, the output will indicate that the user has been successfully created. Please ensure that you modify the input values according to your needs.
The user account has been successfully created in Microsoft Entra ID. You can verify it by logging into the Entra Portal or running the command shared below.
Get-MgUser -Filter "displayName eq 'Alvin Sen'"
Create Microsoft Entra ID Users from CSV with PowerShell
Let’s learn how to create bulk Microsoft Entra ID users with PowerShell. I will create a CSV file with all necessary attributes and save it in the C:\Temp folder. Please ensure that you modify the input values according to your needs.
# Sign in with the permission needed to create users
Connect-MgGraph -Scopes "User.ReadWrite.All"
# Path of the CSV file (expected headers: DisplayName, MailNickName, UserPrincipalName)
$CSVfile = "c:\temp\Create-NewEntraUsers.csv"
# Password profile: the literal below is a sample value and is applied to every
# user in the file; each user must change it at next sign-in.
$Password = @{
    Password = "Password@123!"
    ForceChangePasswordNextSignIn = $true
    ForceChangePasswordNextSignInWithMfa = $true
}
# Import the CSV file
$userdetails = Import-Csv -Path $CSVfile
# Create one Microsoft Entra ID user per CSV row
foreach ($user in $userdetails)
{
    $displayname = $user.DisplayName
    $mailnickname = $user.MailNickName
    $UserPrincipalName = $user.UserPrincipalName
    New-MgUser -DisplayName $displayname -MailNickname $mailnickname -UserPrincipalName $UserPrincipalName -PasswordProfile $Password -AccountEnabled:$true
}
Once you are done with your tasks, you can use the Disconnect-MgGraph command to sign out.
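The bulk script above gives every account in the CSV the same literal initial password. As an added example (not the author's script), the variant below generates a separate random initial password per row, skips incomplete rows and records per-row failures. The helper names Get-RandomIndex and New-RandomPassword are hypothetical, and the CSV headers are assumed to be the ones the loop above reads (DisplayName, MailNickName, UserPrincipalName).

```powershell
# Added example, not the article's script. Helper function names are hypothetical.
function Get-RandomIndex {
    param($Rng, [int]$Max)
    $b = [byte[]]::new(1)
    $limit = 256 - (256 % $Max)          # rejection sampling avoids modulo bias
    do { $Rng.GetBytes($b) } while ($b[0] -ge $limit)
    $b[0] % $Max
}

function New-RandomPassword {
    param([int]$Length = 20)
    $sets = 'ABCDEFGHJKLMNPQRSTUVWXYZ', 'abcdefghijkmnopqrstuvwxyz', '23456789', '!@#%*-_+='
    $all  = -join $sets
    $rng  = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        do {   # redraw until every character class is present
            $pw = -join (1..$Length | ForEach-Object { $all[(Get-RandomIndex $rng $all.Length)] })
        } until (@($sets | Where-Object { $pw.IndexOfAny($_.ToCharArray()) -lt 0 }).Count -eq 0)
        $pw
    } finally { $rng.Dispose() }
}

Connect-MgGraph -Scopes "User.ReadWrite.All"
$results = foreach ($row in Import-Csv -Path "C:\Temp\Create-NewEntraUsers.csv") {
    if (-not ($row.DisplayName -and $row.MailNickName -and $row.UserPrincipalName)) {
        Write-Warning "Skipping row with a missing required column."
        continue
    }
    $plain = New-RandomPassword          # unique initial password for this user
    $pwProfile = @{
        Password = $plain
        ForceChangePasswordNextSignIn = $true
        ForceChangePasswordNextSignInWithMfa = $true
    }
    $status = 'Created'
    try {
        $null = New-MgUser -DisplayName $row.DisplayName -MailNickname $row.MailNickName `
            -UserPrincipalName $row.UserPrincipalName -PasswordProfile $pwProfile `
            -AccountEnabled:$true -ErrorAction Stop
    } catch {
        $status = "Failed: $($_.Exception.Message)"; $plain = $null
    }
    [pscustomobject]@{ UserPrincipalName = $row.UserPrincipalName; Status = $status; InitialPassword = $plain }
}
# $results holds each initial password in memory for hand-off; print status only
$results | Select-Object UserPrincipalName, Status | Format-Table -AutoSize
Disconnect-MgGraph | Out-Null
```

The initial passwords stay in `$results` rather than being echoed, so they can be passed to whatever delivery channel your organization uses instead of ending up in console history or a plaintext file.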
I trust that this article will significantly benefit you and your organization. Thank you for being so patient in reading this post. I look forward to seeing you in the next post. Keep supporting the HTMD Community.
Author
About the Author – Sujin Nelladath has over 10 years of experience in SCCM device management and Automation solutions. He writes and shares his experiences with Microsoft device management technologies, Azure, and PowerShell automation.