Forum Discussion

Shayne Wright's avatar
Shayne Wright
Copper Contributor
Jun 16, 2017

Bulk load Azure AD Users

Hi   We use AD Connect to sync our own AD accounts with our Azure AD, but require a method to bulk load 'in cloud' only accounts for our external users. So I have a few quick questions if you pleas...
Azure Active Directory (AAD)
Identity Management
  • Brent Ellis's avatar
    Brent Ellis
    Jun 16, 2017

    Not UI, or Graph, but I use PowerShell and it is quite simple:

     

    $UserName = ""
$Password = ""
$SecurePassword = $Password | ConvertTo-SecureString -AsPlainText -Force
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -argumentlist $userName, $SecurePassword

Connect-MsolService -Credential $Credential

$NewUser = New-MsolUser -UserPrincipalName "user@company.com" -DisplayName “Test User” -FirstName “Test” -LastName “User”

    This is just for one user, just do a simple read CSV and a for loop if you want to automate a bunch

     

    All attribute options documented here:

    https://docs.microsoft.com/en-us/powershell/module/msonline/new-msoluser?view=azureadps-1.0

K M's avatar
K M
Copper Contributor
Nov 09, 2018

Hello,

 

I know this comes a year late, but maybe someone else might have the same question.

 

I use the following script to do a bulk CSV import to AAD. This script will not assign Users to application or groups, or reset the passwords. You can use another PS Script for that. 

 

First - you will need to update your Azure AD module for PowerShell if it is not already updated.

PS C:\>Install-Module AzureADPreview -Verbose -Force

Next run the script. 

Connect-AzureRmAccount 
$SecureStringPassword = ConvertTo-SecureString -String "ComplexPasswordHere" -AsPlainText -Force
$Users = Import-Csv 'C:\Path to CSV file\User_CSV_FILE.csv'
$Users | ForEach-Object { 
New-AzureRmADUser -DisplayName $_.DisplayName -UserPrincipalName $_.UserPrincipalName -Password $SecureStringPassword -MailNickname $_.MailNickName -ForceChangePasswordNextLogin $True -Verbose
 }

 If you do a ...

Get-Help New-AzureRmADUser

 You will get the parameters for it. The Required parameters are in the script. You might also be able to forgo the first $SecureStringPassword, and opt to do something like 

-Password $_."Password"

I haven't tested that, but the issue you might run into is that if your passwords are complex passwords with characters used in scripting and coding, then it might not be able to convert it to a string value. The above should make it into a string value, but like I said, I have not tested it.  However, with the ForceChangePasswordNextLogin, resolve this little issue nicely. 

 

CSV Format

The CSV should absolutely contain the fields in the script as the headers.

  • DisplayName - Simple name of the user
  • UserPrincipalName - Usually in the format of an email: i.e. user@contosso.onmicrosoft.com
  • Password - Self explanatory
  • MailNickName - Short name. I usually copy over the DisplayName.

 

 

Resources