Simplify user tasks like bulk creation, updates, password resets, deletions, license checks & more — all from one place.
🚀 Launch ToolkitAdministrative Units (AUs) in Microsoft Entra ID (formerly Azure AD) allow organizations to logically segment users and assign scoped admin roles. With the help of Microsoft Graph PowerShell, managing these AUs becomes more efficient—especially when performing bulk operations or automating repetitive tasks.
This guide walks you through what AUs are, why managing them via PowerShell is useful, and links to detailed Graph PowerShell scripts you can use to manage them effectively.
Administrative Units are containers in Entra ID that help you delegate permissions or apply settings to a subset of users, groups, or devices. For example, you might create one AU for each department or geographic location and assign local IT admins scoped access to only that unit.
While AUs can be managed via the Microsoft Entra portal, PowerShell allows for automation, bulk actions, and integration into larger admin workflows. This is especially useful for organizations with dynamic user bases or multiple departments where manual configuration would be inefficient.
Here are key tasks you can perform using Microsoft Graph PowerShell with detailed scripts provided on M365Corner:
Use the New-MgDirectoryAdministrativeUnit cmdlet to create a new AU with a name and optional description. Also learn how to bulk create administrative units by reading data from CSV files.
📘 Create AUs Using PowerShell
The Update-MgDirectoryAdministrativeUnit cmdlet allows you to update properties like the AU’s name or description.
📘 Update AUs Using PowerShell
You can delete an AU using the Remove-MgDirectoryAdministrativeUnit cmdlet once it's no longer required or has been migrated. Also learn how to bulk delete or remove administrative units by reading data from CSV files.
📘 Remove AUs Using PowerShell
With New-MgDirectoryAdministrativeUnitMemberByRef, you can assign users to specific Aus individually and in bulk using CSV files. Learn both ways and align users with their respective scopes.
📘Add Members to AUs Using PowerShell
To remove a user from an AU individually or in bulk using CSV files, use Remove-MgDirectoryAdministrativeUnitMemberByRef. This keeps your units clean and up to date.
Administrative Units play a vital role in delegated administration within Microsoft Entra ID. By using Graph PowerShell, you gain efficiency, consistency, and the power to automate complex administrative tasks.
Whether you’re adding or removing AUs, managing members, or updating properties, the scripts above from M365Corner give you a solid starting point. You can also modify them to suit your organization’s specific structure and needs.
Did You Know? Managing Microsoft 365 applications is even easier with automation. Try our Graph PowerShell scripts to automate tasks like generating reports, cleaning up inactive Teams, or assigning licenses efficiently.
Ready to get the most out of Microsoft 365 tools? Explore our free Microsoft 365 administration tools to simplify your administrative tasks and boost productivity.
© Your Site Name. All Rights Reserved. Design by HTML Codex