az ad user

Manage Azure Active Directory users and user authentication.

Commands

az ad user create Create an Azure Active Directory user.
az ad user delete Delete a user.
az ad user get-member-groups Get groups of which the user is a member.
az ad user list List Azure Active Directory users.
az ad user show Gets user information from the directory.
az ad user update Update Azure Active Directory users.

az ad user create

Create an Azure Active Directory user.

az ad user create --display-name
--password
--user-principal-name
[--force-change-password-next-login {false, true}]
[--immutable-id]
[--mail-nickname]

Required Parameters

--display-name

Object's display name or its prefix.

--password

The password that should be assigned to the user for authentication.

--user-principal-name

Required. The user principal name (someuser@contoso.com). It must contain one of the verified domains for the tenant.

Optional Parameters

--force-change-password-next-login

Marks this user as needing to update their password the next time they authenticate.

accepted values: false, true
--immutable-id

This must be specified if you are using a federated domain for the user's userPrincipalName (UPN) property when creating a new user account. It is used to associate an on-premises Active Directory user account with their Azure AD user object.

--mail-nickname

Mail alias. Defaults to user principal name.

az ad user delete

Delete a user.

az ad user delete --id

Required Parameters

--id

The object ID or principal name of the user for which to get information.

az ad user get-member-groups

Get groups of which the user is a member.

az ad user get-member-groups --id
[--security-enabled-only]

Examples

Get groups of which the user is a member (autogenerated)

az ad user get-member-groups --upn-or-object-id myuser@consoso.com

Required Parameters

--id

The object ID or principal name of the user for which to get information.

Optional Parameters

--security-enabled-only

If true, only membership in security-enabled groups should be checked. Otherwise, membership in all groups should be checked.

az ad user list

List Azure Active Directory users.

az ad user list [--display-name]
[--filter]
[--upn]

Optional Parameters

--display-name

Object's display name or its prefix.

--filter

OData filter.

--upn

User principal name, e.g. john.doe@contoso.com.

az ad user show

Gets user information from the directory.

az ad user show --id

Required Parameters

--id

The object ID or principal name of the user for which to get information.

az ad user update

Update Azure Active Directory users.

az ad user update --id
[--account-enabled {false, true}]
[--display-name]
[--force-change-password-next-login {false, true}]
[--mail-nickname]
[--password]

Required Parameters

--id

The object ID or principal name of the user for which to get information.

Optional Parameters

--account-enabled

Enable the user account.

accepted values: false, true
--display-name

Object's display name or its prefix.

--force-change-password-next-login

Require the user to change their password the next time they log in.

accepted values: false, true
--mail-nickname

Mail alias. Defaults to user principal name.

--password

User password.