M365 PowerShell

Microsoft 365 User Management Using Graph PowerShell

This article serves as a complete guide to user management using Microsoft Graph PowerShell. Learn how to manage user accounts, update user attributes, reset passwords, and handle bulk operations with practical examples

Follow these steps to manage Microsoft 365 users using the Microsoft Graph PowerShell module.

Install the Microsoft Graph PowerShell SDK

If you haven't already, install the Graph PowerShell module using the following PowerShell command: Install-Module -Name Microsoft.Graph -Scope CurrentUser

Connect to Microsoft Graph PowerShell module with necessary permissions

Before you can interact with Microsoft Graph, you need to authenticate yourself with the required permissions. The required permissions in our case is User.Read.All and Directory.ReadWrite.All

Running the Connect-MgGraph -Scopes "User.ReadWrite.All" will open a login prompt for you to enter your Microsoft 365 credentials and authenticate yourself.

Get All Microsoft 365 Users

Run Get-MgUser command to get all the users in your tenant.

Get Details of a Specific Microsoft 365 User

Run Get-MgUser command and pass in user id or UserPrincipalName to the -UserId parameter to get more details about the user.

Create a New Microsoft 365 User

Run New-MgUser cmdlet and pass in the -DisplayName, -PasswordProfile, -MailNickName and -UserPrincipalName parameter values. -AccountEnabled parameter is also necessary. It is set to $true by default. When you execute New-MgUser cmdlet, the created user's details get displayed.

Creating Multiple Microsoft 365 Users

You can also read or import user information from CSV files and create multiple Microsoft 365 user accounts at the same time.

Creating the CSV file

Ensure your CSV file contains the following headers: DisplayName, UserPrincipalName, MailNickName and Password.

Creating the PowerShell Script to Read CSV file details and Create Users

Note: Ensure you pass the path of the CSV file to Import-Csv cmdlet. In the above case, the path is not specified because the script was executed after getting to the script file’s location as shown in the image below.

Running the PowerShell Script

To execute the PowerShell script saved in the .ps1 file, navigate to the location where the .ps1 file is located, type in the filename in the PowerShell console and hit Enter. The users get created and listed in the console as shown in the image below.

Updating Microsoft 365 User Details

Run Update-MgUser cmdlet and pass in the user id to the -UserId parameter along with the details to be updated. In the example shown, the user's DisplayName is updated.

Deleting Microsoft 365 User

Run Remove-MgUser cmdlet and pass the id of the user to be deleted to the -UserId parameter.

You can also pass in the -Confirm parameter in which case you'll be required to confirm the user deletion.

Note: Read Microsoft Graph PowerShell User Management documentation for more info.

Frequently Asked Questions

What is Microsoft Graph PowerShell used for in user management?

Microsoft Graph PowerShell provides cmdlets to manage Microsoft 365 user accounts. It allows admins to perform tasks like creating, updating, and deleting users, assigning licenses, and resetting passwords.

How can I update a user’s attributes using Graph PowerShell?

Use the Update-MgUser cmdlet to modify user attributes. Example:

$Body = @{
    "displayName" = "John Doe"
    "jobTitle" = "Marketing Manager"
 }
Update-MgUser -UserId "<UserPrincipalName>" -BodyParameter $Body

Can I reset a user’s password using Graph PowerShell?

Yes, you can reset a user’s password using the Update-MgUser cmdlet. Example:

$Body = @{
    "passwordProfile" = @{
            "forceChangePasswordNextSignIn" = $true
            "password" = "StrongPassword123!"
            }
          }
Update-MgUser -UserId "" -BodyParameter $Body

How can I perform bulk user management operations?

You can use a CSV file to perform bulk operations. For example, to update job titles in bulk

Prepare a CSV file with the format:

UserPrincipalName,JobTitle
user1@domain.com,Sales Manager
user2@domain.com,HR Specialist

$Users = Import-Csv -Path "C:\Path\To\File.csv"
    foreach ($User in $Users) {
            $Body = @{
                "jobTitle" = $User.JobTitle
            }
    Update-MgUser -UserId $User.UserPrincipalName -BodyParameter $Body
}