5 Useful Scripts with New-MgUser in PowerShell

Creating and managing user accounts is one of the most frequent tasks for Microsoft 365 administrators. With the help of Microsoft Graph PowerShell, you can create users efficiently and maintain detailed records of your user provisioning activities.

The New-MgUser cmdlet is a powerful tool that allows administrators to create new Microsoft 365 users with different levels of detail — from basic accounts to fully customized user profiles.

In this article, we’ll explore five simple yet practical examples of using New-MgUser to create Microsoft 365 users. Each example is beginner-friendly and designed to help you understand how user creation works in Microsoft Graph PowerShell.

Prerequisites

Before you begin, make sure you have the Microsoft Graph PowerShell module installed and are signed in with the necessary permissions:

Install-Module Microsoft.Graph -Scope CurrentUser
Connect-MgGraph -Scopes "User.ReadWrite.All"

Once connected, you can start creating users using the following examples.

1. Basic User Creation

This example demonstrates how to create a new user with only the essential attributes — DisplayName, UserPrincipalName, MailNickname, and Password.

New-MgUser -DisplayName "John Doe" -UserPrincipalName "john.doe@yourdomain.com" -MailNickname "john.doe" -PasswordProfile @{Password="Password123"; ForceChangePasswordNextSignIn=$true} -AccountEnabled



Explanation:

This command creates an active user named John Doe and enforces a password change at the first sign-in. The -AccountEnabled parameter ensures the account is immediately active after creation.

2. Creating a User with Department and Office Location

You can include additional details such as the department and office location when creating users to maintain accurate organizational data.

New-MgUser -DisplayName "Mark Johnson" -UserPrincipalName "mark.johnson@yourdomain.com" -MailNickname "mark.johnson" -PasswordProfile @{Password="Password123"; ForceChangePasswordNextSignIn=$true} -AccountEnabled  -Department "Sales" -OfficeLocation "Building 1"



Explanation:

This example creates a user named Mark Johnson from the Sales department, located in Building 1. Adding department and location details helps streamline administrative tasks like reporting and filtering users.

3. Creating a User with Usage Location and Preferred Language

If your organization operates globally, specifying usage location and preferred language can be valuable for localization and license assignment purposes.

New-MgUser -DisplayName "Tom Wilson" -UserPrincipalName "tom.wilson@yourdomain.com" -MailNickname "tom.wilson" -PasswordProfile @{Password="Password123"; ForceChangePasswordNextSignIn=$true} -AccountEnabled  -UsageLocation "US" -PreferredLanguage "en-US"



Explanation:

This creates a user named Tom Wilson with US as the usage location and English (United States) as the preferred language. The usage location is required when assigning licenses later on, so it’s best to include it upfront.

4. Bulk User Creation

This example is ideal when you need to create multiple user accounts — for example, during new hire onboarding or migration from another system.

$users = Import-Csv -Path "Users.csv"
    foreach ($user in $users) {
        $userParams = @{
        DisplayName     = $user.DisplayName
        UserPrincipalName = $user.UserPrincipalName
        MailNickname    = $user.MailNickname
        AccountEnabled  = $true
        PasswordProfile = @{
        Password = $user.Password
        ForceChangePasswordNextSignIn = $true
        }
     }
        New-MgUser -BodyParameter $userParams
    }



CSV File Structure

Your CSV file (Users.csv) should have the following columns:

DisplayName,UserPrincipalName,MailNickname,Password
John Doe,john.doe@yourdomain.com,john.doe,Password123
Mark Johnson,mark.johnson@yourdomain.com,mark.johnson,Password123
Tom Wilson,tom.wilson@yourdomain.com,tom.wilson,Password123

Explanation:

This script reads user data from a CSV file and creates accounts for each entry. Once the script completes, you’ll see the list of newly created users in the PowerShell output.

5. Create a Disabled User Account (e.g., for Service Use)

Sometimes, you may need to create accounts that should not allow login — such as service or application identities.

$params = @{
  accountEnabled = $false
  displayName = "Service Account - No Login"
  mailNickname = "svcaccount1"
  userPrincipalName = "svcaccount1@yourdomain.com"
  usageLocation = "US"
  passwordProfile = @{
    forceChangePasswordNextSignIn = $false
    password = "S3cureTempP@ssword!"
  }
}
New-MgUser -BodyParameter $params



Explanation:

This script creates a disabled user account named Service Account - No Login. The account is not enabled (accountEnabled = $false), meaning it can exist for integration purposes but cannot be used to sign in.

Common Errors & Solutions

Error	Cause	Solution
Insufficient privileges to complete the operation	Missing permissions	Use Connect-MgGraph -Scopes "User.ReadWrite.All"
Password does not meet complexity requirements	Weak password	Use a strong password with uppercase, lowercase, numbers, and symbols
Cannot bind argument to parameter 'BodyParameter'	Hashtable format issue	Ensure property names are properly defined inside @{}

Use Case Ideas

• Automate new hire onboarding from HR exports
• Create standardized service accounts for applications
• Maintain accurate department and office data
• Streamline bulk user provisioning
• Support multilingual environments with preferred languages

Conclusion

The New-MgUser cmdlet provides an efficient and flexible way to create users in Microsoft 365 using Graph PowerShell. Whether you’re creating a single user or importing hundreds, these scripts help you save time, reduce manual errors, and maintain cleaner directory data.

Experiment with these examples, tweak them for your environment, and you’ll soon master the art of user provisioning through Graph PowerShell.