Add-AzureADDirectoryRoleMember

Adds a member to a directory role.

Syntax

Add-AzureADDirectoryRoleMember
   [-InformationAction <ActionPreference>]
   [-InformationVariable <String>]
   -ObjectId <String>
   -RefObjectId <String>
   [<CommonParameters>]

Description

The Add-AzureADDirectoryRoleMember cmdlet adds a member to an Azure Active Directory role.

Examples

Example 1: Add a member to an Active Directory role instance

PS C:\>Add-AzureADDirectoryRoleMember -ObjectId 019ea7a2-1613-47c9-81cb-20ba35b1ae48 -RefObjectId c13dd34a-492b-4561-b171-40fcce2916c5

This example adds the object identified by -RefObjectId as a member of the directory role instance identified by -ObjectId.

Example 2: Add a member to an Active Directory role instance, instantiating the role first if needed

# Fetch user to assign to role
$roleMember = Get-AzureADUser -ObjectId "vincesm@msods.com"

# Fetch User Account Administrator role instance
$role = Get-AzureADDirectoryRole | Where-Object {$_.displayName -eq 'User Account Administrator'}

# If role instance does not exist, instantiate it based on the role template
if ($null -eq $role) {
    # Instantiate an instance of the role template
    $roleTemplate = Get-AzureADDirectoryRoleTemplate | Where-Object {$_.displayName -eq 'User Account Administrator'}
    Enable-AzureADDirectoryRole -RoleTemplateId $roleTemplate.ObjectId

    # Fetch User Account Administrator role instance again
    $role = Get-AzureADDirectoryRole | Where-Object {$_.displayName -eq 'User Account Administrator'}
}

# Add user to role
Add-AzureADDirectoryRoleMember -ObjectId $role.ObjectId -RefObjectId $roleMember.ObjectId

# Fetch role membership for role to confirm
Get-AzureADDirectoryRoleMember -ObjectId $role.ObjectId | Get-AzureADUser

This example adds a member to an Active Directory role instance, instantiating the role instance first if it does not exist.
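
The following is an added example, not part of the original documentation or the AzureAD module. It wraps the cmdlet in a guard that enforces the -RefObjectId constraint documented on this page (users or service principals only), skips principals that already hold the role, and confirms the change by re-reading membership. The function name Add-CheckedDirectoryRoleMember is hypothetical, and the example assumes Connect-AzureAD has already been run and that ObjectType is reported as 'User' or 'ServicePrincipal'.

```powershell
# Added example; Add-CheckedDirectoryRoleMember is a hypothetical helper name.
# Assumes the AzureAD module is loaded and Connect-AzureAD has already been run.
function Add-CheckedDirectoryRoleMember {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)] [guid] $RoleObjectId,
        [Parameter(Mandatory = $true)] [guid] $MemberObjectId
    )

    # Resolve the role instance; fail if it has not been instantiated (see Example 2).
    $role = Get-AzureADDirectoryRole | Where-Object { $_.ObjectId -eq $RoleObjectId.ToString() }
    if ($null -eq $role) {
        throw "No directory role instance with ObjectId $RoleObjectId."
    }

    # Resolve the candidate and enforce: members can be users or service principals only.
    $candidate = Get-AzureADObjectByObjectId -ObjectIds $MemberObjectId.ToString()
    if ($null -eq $candidate) {
        throw "No directory object with ObjectId $MemberObjectId."
    }
    if ($candidate.ObjectType -notin @('User', 'ServicePrincipal')) {
        throw "Object $MemberObjectId is a $($candidate.ObjectType), not a user or service principal."
    }

    # Skip the call if the principal already holds the role.
    $current = @(Get-AzureADDirectoryRoleMember -ObjectId $role.ObjectId)
    if ($current.ObjectId -contains $candidate.ObjectId) {
        Write-Verbose "$($candidate.ObjectId) is already a member of '$($role.DisplayName)'."
        return
    }

    # -WhatIf / -Confirm gate the privileged change.
    if ($PSCmdlet.ShouldProcess($role.DisplayName, "Add $($candidate.ObjectType) $($candidate.ObjectId)")) {
        Add-AzureADDirectoryRoleMember -ObjectId $role.ObjectId -RefObjectId $candidate.ObjectId
        # Re-read membership and emit a record suitable for a change log.
        $after = @(Get-AzureADDirectoryRoleMember -ObjectId $role.ObjectId)
        [pscustomobject]@{
            Role       = $role.DisplayName
            Member     = $candidate.ObjectId
            MemberType = $candidate.ObjectType
            Confirmed  = $after.ObjectId -contains $candidate.ObjectId
        }
    }
}

# Dry run using the IDs from Example 1; remove -WhatIf to apply the change.
Add-CheckedDirectoryRoleMember -RoleObjectId 019ea7a2-1613-47c9-81cb-20ba35b1ae48 -MemberObjectId c13dd34a-492b-4561-b171-40fcce2916c5 -WhatIf
```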

Required Parameters

-ObjectId

Specifies the ID of a directory role in Azure Active Directory.

Type: String
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False

-RefObjectId

Specifies the ID of the Azure Active Directory object to assign as a member. Members can be users or service principals only.

Type: String
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False

Optional Parameters

-InformationAction

Specifies how this cmdlet responds to an information event. The acceptable values for this parameter are:

  • Continue
  • Ignore
  • Inquire
  • SilentlyContinue
  • Stop
  • Suspend

Type: ActionPreference
Aliases: infa
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-InformationVariable

Specifies a variable in which to store an information event message.

Type: String
Aliases: iv
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False