SOLVED
Home

Bulk load Azure AD Users

%3CLINGO-SUB%20id%3D%22lingo-sub-78486%22%20slang%3D%22en-US%22%3EBulk%20load%20Azure%20AD%20Users%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-78486%22%20slang%3D%22en-US%22%3E%3CP%3EHi%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20use%20AD%20Connect%20to%20sync%20our%20own%20AD%20accounts%20with%20our%20Azure%20AD%2C%20but%20require%20a%20method%20to%20bulk%20load%20'in%20cloud'%20only%20accounts%20for%20our%20external%20users.%20So%20I%20have%20a%20few%20quick%20questions%20if%20you%20please.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E1.%20I've%20found%20info%20on%20using%20CSV%20files%20to%20bulk%20load%20Azure%20AD%20users%20for%20the%20old%20Azure%20portal%20but%20not%20for%20the%20new%20portal%2C%20is%20it%20possible%3F%20If%20so%20where%20can%20I%20find%20the%20technical%20details%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E2.%20Where%20can%20I%20find%20a%20list%20of%20all%20the%20possible%20fields%20that%20can%20be%20currently%20used%20using%20the%20CSV%20method%2C%20regardless%20of%20portal%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E3.%20Is%20it%20true%20that%20the%20CSV%20method%20of%20bulk%20loading%20users%20is%20going%20to%20be%20replaced%20by%20the%20Microsoft%20Graph%20API%2C%20if%20so%20when%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E4.%20Where%20can%20I%20find%20the%20technical%20details%20about%20bulk%20loading%20users%20using%20the%20Graph%20API%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20and%20take%20care%2C%3C%2FP%3E%3CP%3EShayne%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-78486%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-284417%22%20slang%3D%22en-US%22%3ERe%3A%20Bulk%20load%20Azure%20AD%20Users%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-284417%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20know%20this%20comes%20a%20year%20late%2C%20but%20maybe%20someone%20else%20might%20have%20the%20same%20question.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20use%20the%20following%20script%20to%20do%20a%20bulk%20CSV%20import%20to%20AAD.%20This%20script%20will%20not%20assign%20Users%20to%20application%20or%20groups%2C%20or%20reset%20the%20passwords.%20You%20can%20use%20another%20PS%20Script%20for%20that.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EFirst%3C%2FSTRONG%3E%20-%20you%20will%20need%20to%20update%20your%20Azure%20AD%20module%20for%20PowerShell%20if%20it%20is%20not%20already%20updated.%3C%2FP%3E%3CPRE%3EPS%20C%3A%5C%26gt%3BInstall-Module%20AzureADPreview%20-Verbose%20-Force%3C%2FPRE%3E%3CP%3ENext%20run%20the%20script.%26nbsp%3B%3C%2FP%3E%3CPRE%3EConnect-AzureRmAccount%20%3CBR%20%2F%3E%24SecureStringPassword%20%3D%20ConvertTo-SecureString%20-String%20%22ComplexPasswordHere%22%20-AsPlainText%20-Force%3CBR%20%2F%3E%24Users%20%3D%20Import-Csv%20'C%3A%5CPath%20to%20CSV%20file%5CUser_CSV_FILE.csv'%3CBR%20%2F%3E%24Users%20%7C%20ForEach-Object%20%7B%20%3CBR%20%2F%3ENew-AzureRmADUser%20-DisplayName%20%24_.DisplayName%20-UserPrincipalName%20%24_.UserPrincipalName%20-Password%20%24SecureStringPassword%20-MailNickname%20%24_.MailNickName%20-ForceChangePasswordNextLogin%20%24True%20-Verbose%3CBR%20%2F%3E%26nbsp%3B%7D%3C%2FPRE%3E%3CP%3E%26nbsp%3BIf%20you%20do%20a%20...%3C%2FP%3E%3CPRE%3EGet-Help%20New-AzureRmADUser%3C%2FPRE%3E%3CP%3E%26nbsp%3BYou%20will%20get%20the%20parameters%20for%20it.%20The%26nbsp%3B%3CSTRONG%3ERequired%3C%2FSTRONG%3E%20parameters%20are%20in%20the%20script.%20You%20might%20also%20be%20able%20to%20forgo%20the%20first%20%24SecureStringPassword%2C%20and%20opt%20to%20do%20something%20like%26nbsp%3B%3C%2FP%3E%3CPRE%3E-Password%20%24_.%22Password%22%3C%2FPRE%3E%3CP%3EI%20haven't%20tested%20that%2C%20but%20the%20issue%20you%20might%20run%20into%20is%20that%20if%20your%20passwords%20are%20complex%20passwords%20with%20characters%20used%20in%20scripting%20and%20coding%2C%20then%20it%20might%20not%20be%20able%20to%20convert%20it%20to%20a%20string%20value.%20The%20above%20should%20make%20it%20into%20a%20string%20value%2C%20but%20like%20I%20said%2C%20I%20have%20not%20tested%20it.%26nbsp%3B%20However%2C%20with%20the%20ForceChangePasswordNextLogin%2C%20resolve%20this%20little%20issue%20nicely.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3ECSV%20Format%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3EThe%20CSV%20should%20absolutely%20contain%20the%20fields%20in%20the%20script%20as%20the%20headers.%3C%2FP%3E%3CUL%3E%3CLI%3EDisplayName%20-%20Simple%20name%20of%20the%20user%3C%2FLI%3E%3CLI%3EUserPrincipalName%20-%20Usually%20in%20the%20format%20of%20an%20email%3A%20i.e.%20user%40contosso.onmicrosoft.com%3C%2FLI%3E%3CLI%3EPassword%20-%20Self%20explanatory%3C%2FLI%3E%3CLI%3EMailNickName%20-%20Short%20name.%20I%20usually%20copy%20over%20the%20DisplayName.%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-78511%22%20slang%3D%22en-US%22%3ERe%3A%20Bulk%20load%20Azure%20AD%20Users%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-78511%22%20slang%3D%22en-US%22%3E%3CP%3EHere%20is%20one%20approach%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-b2b-code-samples%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-b2b-code-samples%3C%2FA%3E%20and%20a%20more%20comprehensive%20article%20is%20at%26nbsp%3B%20%3CA%20href%3D%22https%3A%2F%2Fjustidm.wordpress.com%2F2017%2F05%2F07%2Fazure-ad-b2b-how-to-bulk-add-guest-users-without-invitation-redemption%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fjustidm.wordpress.com%2F2017%2F05%2F07%2Fazure-ad-b2b-how-to-bulk-add-guest-users-without-invitation-redemption%2F%3C%2FA%3E%20and%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-78509%22%20slang%3D%22en-US%22%3ERe%3A%20Bulk%20load%20Azure%20AD%20Users%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-78509%22%20slang%3D%22en-US%22%3E%3CP%3ENot%20UI%2C%20or%20Graph%2C%20but%20I%20use%20PowerShell%20and%20it%20is%20quite%20simple%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%3E%24UserName%20%3D%20%22%22%0A%24Password%20%3D%20%22%22%0A%24SecurePassword%20%3D%20%24Password%20%7C%20ConvertTo-SecureString%20-AsPlainText%20-Force%0A%24Credential%20%3D%20New-Object%20-TypeName%20System.Management.Automation.PSCredential%20-argumentlist%20%24userName%2C%20%24SecurePassword%0A%0AConnect-MsolService%20-Credential%20%24Credential%0A%0A%24NewUser%20%3D%20New-MsolUser%20-UserPrincipalName%20%22user%40company.com%22%20-DisplayName%20%E2%80%9CTest%20User%E2%80%9D%20-FirstName%20%E2%80%9CTest%E2%80%9D%20-LastName%20%E2%80%9CUser%E2%80%9D%3C%2FPRE%3E%3CP%3EThis%20is%20just%20for%20one%20user%2C%20just%20do%20a%20simple%20read%20CSV%20and%20a%20for%20loop%20if%20you%20want%20to%20automate%20a%20bunch%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAll%20attribute%20options%20documented%20here%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmodule%2Fmsonline%2Fnew-msoluser%3Fview%3Dazureadps-1.0%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmodule%2Fmsonline%2Fnew-msoluser%3Fview%3Dazureadps-1.0%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Shayne Wright
New Contributor

Hi

 

We use AD Connect to sync our own AD accounts with our Azure AD, but require a method to bulk load 'in cloud' only accounts for our external users. So I have a few quick questions if you please.

 

1. I've found info on using CSV files to bulk load Azure AD users for the old Azure portal but not for the new portal, is it possible? If so where can I find the technical details?

 

2. Where can I find a list of all the possible fields that can be currently used using the CSV method, regardless of portal?

 

3. Is it true that the CSV method of bulk loading users is going to be replaced by the Microsoft Graph API, if so when?

 

4. Where can I find the technical details about bulk loading users using the Graph API?

 

Thanks and take care,

Shayne

3 Replies
Solution

Not UI, or Graph, but I use PowerShell and it is quite simple:

 

$UserName = ""
$Password = ""
$SecurePassword = $Password | ConvertTo-SecureString -AsPlainText -Force
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -argumentlist $userName, $SecurePassword

Connect-MsolService -Credential $Credential

$NewUser = New-MsolUser -UserPrincipalName "user@company.com" -DisplayName “Test User” -FirstName “Test” -LastName “User”

This is just for one user, just do a simple read CSV and a for loop if you want to automate a bunch

 

All attribute options documented here:

https://docs.microsoft.com/en-us/powershell/module/msonline/new-msoluser?view=azureadps-1.0

Hello,

 

I know this comes a year late, but maybe someone else might have the same question.

 

I use the following script to do a bulk CSV import to AAD. This script will not assign Users to application or groups, or reset the passwords. You can use another PS Script for that. 

 

First - you will need to update your Azure AD module for PowerShell if it is not already updated.

PS C:\>Install-Module AzureADPreview -Verbose -Force

Next run the script. 

Connect-AzureRmAccount 
$SecureStringPassword = ConvertTo-SecureString -String "ComplexPasswordHere" -AsPlainText -Force
$Users = Import-Csv 'C:\Path to CSV file\User_CSV_FILE.csv'
$Users | ForEach-Object {
New-AzureRmADUser -DisplayName $_.DisplayName -UserPrincipalName $_.UserPrincipalName -Password $SecureStringPassword -MailNickname $_.MailNickName -ForceChangePasswordNextLogin $True -Verbose
 }

 If you do a ...

Get-Help New-AzureRmADUser

 You will get the parameters for it. The Required parameters are in the script. You might also be able to forgo the first $SecureStringPassword, and opt to do something like 

-Password $_."Password"

I haven't tested that, but the issue you might run into is that if your passwords are complex passwords with characters used in scripting and coding, then it might not be able to convert it to a string value. The above should make it into a string value, but like I said, I have not tested it.  However, with the ForceChangePasswordNextLogin, resolve this little issue nicely. 

 

CSV Format

The CSV should absolutely contain the fields in the script as the headers.

  • DisplayName - Simple name of the user
  • UserPrincipalName - Usually in the format of an email: i.e. user@contosso.onmicrosoft.com
  • Password - Self explanatory
  • MailNickName - Short name. I usually copy over the DisplayName.

 

 

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
38 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
13 Replies