User creation is a key task for IT admins, ensuring employees and external collaborators have secure access while managing access control and security policies. While Graph PowerShell's New-MgUser command—an alternative to the New-AzureADuser PowerShell command—can be used to create Microsoft Entra ID users, it is both a time-consuming and error-prone process, especially when dealing with a large volume of accounts or intricate organizational structures. On the other hand, ADManager Plus, a Microsoft 365 management and reporting tool, streamlines the task, enabling administrators to quickly create and manage Microsoft Entra ID users with just a few clicks.
Apply templates to automatically configure multiple user attributes in one step.
Copy values from an existing user account to fill template fields.
Before using the New-MgUser cmdlet, ensure the following:
Install-Module Microsoft.Graph -Scope CurrentUser
User.ReadWrite.All, Directory.ReadWrite.All,
DeviceManagementServiceConfig.ReadWrite.All,
DeviceManagementManagedDevices.ReadWrite.All,
DeviceManagementConfiguration.ReadWrite.All,
DeviceManagementApps.ReadWrite.All,
The New-MgUser cmdlet can be used in Microsoft Graph PowerShell to create Microsoft Entra ID users. Here's the syntax:
New-MgUser
[-ResponseHeadersVariable <String>]
[-AboutMe <String>]
[-AccountEnabled]
[-Activities <IMicrosoftGraphUserActivity[]>]
[-AdditionalProperties <Hashtable>]
[-AgeGroup <String>]
[-AgreementAcceptances <IMicrosoftGraphAgreementAcceptance[]>]
[-AppRoleAssignments <IMicrosoftGraphAppRoleAssignment[]>]
[-AssignedLicenses <IMicrosoftGraphAssignedLicense[]>]
[-AssignedPlans <IMicrosoftGraphAssignedPlan[]>]
[-Authentication <IMicrosoftGraphAuthentication>]
[-AuthorizationInfo <IMicrosoftGraphAuthorizationInfo>]
[-Birthday <DateTime>]
[-BusinessPhones <String[]>]
[-Calendar <IMicrosoftGraphCalendar>]
[-CalendarGroups <IMicrosoftGraphCalendarGroup[]>]
[-CalendarView <IMicrosoftGraphEvent[]>]
[-Calendars <IMicrosoftGraphCalendar[]>]
[-Chats <IMicrosoftGraphChat[]>]
[-City <String>]
[-CloudClipboard <IMicrosoftGraphCloudClipboardRoot>]
[-CompanyName <String>]
[-ConsentProvidedForMinor <String>]
[-ContactFolders <IMicrosoftGraphContactFolder[]>]
[-Contacts <IMicrosoftGraphContact[]>]
[-Country <String>]
[-CreatedDateTime <DateTime>]
[-CreatedObjects <IMicrosoftGraphDirectoryObject[]>]
[-CreationType <String>]
[-CustomSecurityAttributes <Hashtable>]
[-DeletedDateTime <DateTime>]
[-Department <String>]
[-DeviceEnrollmentLimit <Int32>]
[-DeviceManagementTroubleshootingEvents <IMicrosoftGraphDeviceManagementTroubleshootingEvent[]>]
[-DirectReports <IMicrosoftGraphDirectoryObject[]>]
[-DisplayName <String>]
[-Drive <IMicrosoftGraphDrive>]
[-Drives <IMicrosoftGraphDrive[]>]
[-EmployeeExperience <IMicrosoftGraphEmployeeExperienceUser>]
[-EmployeeHireDate <DateTime>]
[-EmployeeId <String>]
[-EmployeeLeaveDateTime <DateTime>]
[-EmployeeOrgData <IMicrosoftGraphEmployeeOrgData>]
[-EmployeeType <String>]
[-Events <IMicrosoftGraphEvent[]>]
[-Extensions <IMicrosoftGraphExtension[]>]
[-ExternalUserState <String>]
[-ExternalUserStateChangeDateTime <DateTime>]
[-FaxNumber <String>]
[-FollowedSites <IMicrosoftGraphSite[]>]
[-GivenName <String>]
[-HireDate <DateTime>]
[-Id <String>]
[-Identities <IMicrosoftGraphObjectIdentity[]>]
[-ImAddresses <String[]>]
[-InferenceClassification <IMicrosoftGraphInferenceClassification>]
[-Insights <Hashtable>]
[-Interests <String[]>]
[-IsManagementRestricted]
[-IsResourceAccount]
[-JobTitle <String>]
[-JoinedTeams <IMicrosoftGraphTeam[]>]
[-LastPasswordChangeDateTime <DateTime>]
[-LegalAgeGroupClassification <String>]
[-LicenseAssignmentStates <IMicrosoftGraphLicenseAssignmentState[]>]
[-LicenseDetails <IMicrosoftGraphLicenseDetails[]>]
[-Mail <String>]
[-MailFolders <IMicrosoftGraphMailFolder[]>]
[-MailNickname <String>]
[-MailboxSettings <IMicrosoftGraphMailboxSettings>]
[-ManagedAppRegistrations <IMicrosoftGraphManagedAppRegistration[]>]
[-ManagedDevices <IMicrosoftGraphManagedDevice[]>]
[-Manager <IMicrosoftGraphDirectoryObject>]
[-MemberOf <IMicrosoftGraphDirectoryObject[]>]
[-Messages <IMicrosoftGraphMessage[]>]
[-MobilePhone <String>]
[-MySite <String>]
[-Oauth2PermissionGrants <IMicrosoftGraphOAuth2PermissionGrant[]>]
[-OfficeLocation <String>]
[-OnPremisesDistinguishedName <String>]
[-OnPremisesDomainName <String>]
[-OnPremisesExtensionAttributes <IMicrosoftGraphOnPremisesExtensionAttributes>]
[-OnPremisesImmutableId <String>]
[-OnPremisesLastSyncDateTime <DateTime>]
[-OnPremisesProvisioningErrors <IMicrosoftGraphOnPremisesProvisioningError[]>]
[-OnPremisesSamAccountName <String>]
[-OnPremisesSecurityIdentifier <String>]
[-OnPremisesSyncEnabled]
[-OnPremisesUserPrincipalName <String>]
[-Onenote <IMicrosoftGraphOnenote>]
[-OnlineMeetings <IMicrosoftGraphOnlineMeeting[]>]
[-OtherMails <String[]>]
[-Outlook <IMicrosoftGraphOutlookUser>]
[-OwnedDevices <IMicrosoftGraphDirectoryObject[]>]
[-OwnedObjects <IMicrosoftGraphDirectoryObject[]>]
[-PasswordPolicies <String>]
[-PasswordProfile <IMicrosoftGraphPasswordProfile>]
[-PastProjects <String[]>]
[-People <IMicrosoftGraphPerson[]>]
[-PermissionGrants <IMicrosoftGraphResourceSpecificPermissionGrant[]>]
[-Photo <IMicrosoftGraphProfilePhoto>]
[-Photos <IMicrosoftGraphProfilePhoto[]>]
[-Planner <IMicrosoftGraphPlannerUser>]
[-PostalCode <String>]
[-PreferredDataLocation <String>]
[-PreferredLanguage <String>]
[-PreferredName <String>]
[-Presence <IMicrosoftGraphPresence>]
[-Print <IMicrosoftGraphUserPrint>]
[-ProvisionedPlans <IMicrosoftGraphProvisionedPlan[]>]
[-ProxyAddresses <String[]>]
[-RegisteredDevices <IMicrosoftGraphDirectoryObject[]>]
[-Responsibilities <String[]>]
[-Schools <String[]>]
[-ScopedRoleMemberOf <IMicrosoftGraphScopedRoleMembership[]>]
[-SecurityIdentifier <String>]
[-ServiceProvisioningErrors <IMicrosoftGraphServiceProvisioningError[]>]
[-Settings <IMicrosoftGraphUserSettings>]
[-ShowInAddressList]
[-SignInActivity <IMicrosoftGraphSignInActivity>]
[-SignInSessionsValidFromDateTime <DateTime>]
[-Skills <String[]>]
[-Solutions <IMicrosoftGraphUserSolutionRoot>]
[-Sponsors <IMicrosoftGraphDirectoryObject[]>]
[-State <String>]
[-StreetAddress <String>]
[-Surname <String>]
[-Teamwork <IMicrosoftGraphUserTeamwork>]
[-Todo <IMicrosoftGraphTodo>]
[-TransitiveMemberOf <IMicrosoftGraphDirectoryObject[]>]
[-UsageLocation <String>]
[-UserPrincipalName <String>]
[-UserType <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]<
[<CommonParameters>]
Create a new user
$PasswordProfile = @{
Password = 'xWwvJ]6NMw+bWH-d'
}
New-MgUser -DisplayName 'Rene Magi' -PasswordProfile $PasswordProfile -AccountEnabled -MailNickName 'ReneMagi' -UserPrincipalName 'ReneMagi@contoso.com'
The following table contains some parameters that can be used along with the New-MgUser command to efficiently create Microsoft Entra ID users.
| Parameters | Description |
|---|---|
| -AccountEnabled | This parameter determines if the user account is enabled or not. |
| -Activities | This parameter displays the user's activities across devices. |
| -AgeGroup | This parameter sets the age group of the user. |
| -AppRoleAssignments | This parameter represents the app roles a user is granted for an application. |
| -AssignedLicenses | This parameter determines the licenses that are to be assigned to the user. |