Using Get-MgUser with New-MgUser: Creating and Verifying Users in Microsoft 365
Managing user accounts is a critical task in Microsoft 365 administration. Pairing Get-MgUser and New-MgUser allows administrators to create new users and immediately verify their details. This article demonstrates a simple use case with practical tips for everyday user management.
The New-MgUser cmdlet enables you to create new users in Microsoft 365, while Get-MgUser retrieves user details, such as their display name, email, and assigned licenses. Using these cmdlets together ensures accuracy during the user creation process by allowing immediate verification.
Usage Example: Creating and Verifying a User
# Step 1: Define new user details
$newUser = @{
DisplayName = "Jane Doe"
UserPrincipalName = "jane.doe@domain.com"
MailNickname = "janedoe"
AccountEnabled = $true
PasswordProfile = @{
ForceChangePasswordNextSignIn = $true
Password = "P@ssw0rd123!"
}
}
# Step 2: Create the user
try {
New-MgUser -BodyParameter $newUser
Write-Output "User created successfully: $($newUser.DisplayName)"
} catch {
Write-Error "Failed to create user: $_"
return
}
# Step 3: Verify the user's details
$user = Get-MgUser -Filter "userPrincipalName eq 'jane.doe@domain.com'"
if ($user -ne $null) {
Write-Output "User Found: $($user.DisplayName)"
Write-Output "User Principal Name: $($user.UserPrincipalName)"
Write-Output "Account Enabled: $($user.AccountEnabled)"
} else {
Write-Error "User verification failed: User not found."
}
Cmdlet Tips
- Avoid Duplicate Users: Use
Get-MgUserwith the-Filterparameter to check if the user already exists before creating them:$existingUser = Get-MgUser -Filter "userPrincipalName eq 'jane.doe@domain.com'" if ($existingUser) { Write-Error "User already exists." return } - Password Management: Ensure strong passwords are used in the
PasswordProfileto meet organizational security requirements. - Enable or Disable Accounts: Set
AccountEnabledto$truefor active users or$falsefor inactive accounts at the time of creation. - Review Required Properties: For successful user creation, ensure required properties like
DisplayName,UserPrincipalName, andMailNicknameare provided.
Use Cases
- Onboarding New Employees: Automate the creation and verification of new accounts during onboarding workflows.
- Testing and Training: Quickly create test accounts for training sessions or system testing.
- Bulk User Creation: Create multiple users by looping through a list of user details from a CSV or other source:
$users = Import-Csv "users.csv" foreach ($user in $users) { $newUser = @{ DisplayName = $user.DisplayName UserPrincipalName = $user.UserPrincipalName MailNickname = $user.MailNickname AccountEnabled = $true PasswordProfile = @{ ForceChangePasswordNextSignIn = $true Password = $user.Password } } New-MgUser -BodyParameter $newUser }
Possible Errors & Solutions
| Error Message | Cause | Solution |
| User Already Exists | Attempting to create a user with an existing UPN | Check for existing users with Get-MgUser before creating new ones. |
| Invalid Password | Password does not meet complexity requirements | Ensure passwords comply with the organization's password policy. |
| Insufficient Permissions | Missing required permissions | Grant User.ReadWrite.All or Directory.ReadWrite.All permissions. |
| Invalid Property Value | Missing or incorrect user properties | Verify that all required properties are correctly specified. |
Conclusion
Pairing Get-MgUser and New-MgUser simplifies the process of creating and verifying user accounts in Microsoft 365. This approach ensures that user accounts are created accurately and allows for immediate validation to avoid potential issues.
By incorporating these cmdlets into your workflows, you can streamline user management and enhance administrative efficiency in your organization.