AADUser¶
Parameters¶
Parameter | Attribute | DataType | Description | Allowed Values |
---|---|---|---|---|
UserPrincipalName | Key | String | The login name of the user | |
DisplayName | Write | String | The display name for the user | |
FirstName | Write | String | The first name of the user | |
LastName | Write | String | The last name of the user | |
Roles | Write | StringArray[] | The list of Azure Active Directory roles assigned to the user. | |
UsageLocation | Write | String | The country code the user will be assigned to | |
LicenseAssignment | Write | StringArray[] | The account SKU Id for the license to be assigned to the user | |
Password | Write | PSCredential | The password for the account. The parameter is a PSCredential object, but only the Password component will be used. If Password is not supplied for a new resource a new random password will be generated. Property will only be used when creating the user and not on subsequent updates. | |
City | Write | String | The City name of the user | |
Country | Write | String | The Country name of the user | |
Department | Write | String | The Department name of the user | |
Fax | Write | String | The Fax Number of the user | |
MobilePhone | Write | String | The Mobile Phone Number of the user | |
Office | Write | String | The Office Name of the user | |
PasswordNeverExpires | Write | Boolean | Specifies whether the user password expires periodically. Default value is false | |
PasswordPolicies | Write | String | Specifies password policies for the user. | |
PhoneNumber | Write | String | The Phone Number of the user | |
PostalCode | Write | String | The Postal Code of the user | |
PreferredLanguage | Write | String | The Prefered Language of the user | |
State | Write | String | Specifies the state or province where the user is located | |
StreetAddress | Write | String | Specifies the street address of the user | |
Title | Write | String | Specifies the title of the user | |
UserType | Write | String | Specifies the title of the user | Guest , Member , Other , Viral |
Ensure | Write | String | Present ensures the user exists, absent ensures it is removed | Present , Absent |
Credential | Write | PSCredential | Credentials of the Exchange Global Admin | |
ApplicationId | Write | String | Id of the Azure Active Directory application to authenticate with. | |
TenantId | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com | |
ApplicationSecret | Write | PSCredential | Secret of the Azure Active Directory application used for authentication. | |
CertificateThumbprint | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | |
ManagedIdentity | Write | Boolean | Managed ID being used for authentication. |
Description¶
This resource allows users to create Azure AD Users and assign them licenses.
Permissions¶
Microsoft Graph¶
To authenticate with the Microsoft Graph API, this resource required the following permissions:
Delegated permissions¶
-
Read
- RoleManagement.Read.Directory, User.Read.All
-
Update
- Organization.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory, User.Read.All, User.ReadWrite.All
Application permissions¶
-
Read
- RoleManagement.Read.Directory, User.Read.All
-
Update
- Organization.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory, User.Read.All, User.ReadWrite.All
Examples¶
Example 1¶
This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.
Configuration Example
{
param(
[Parameter(Mandatory = $true)]
[PSCredential]
$credsGlobalAdmin
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
AADUser 'ConfigureJohnSMith'
{
UserPrincipalName = "John.Smith@O365DSC1.onmicrosoft.com"
FirstName = "John"
LastName = "Smith"
DisplayName = "John J. Smith"
City = "Gatineau"
Country = "Canada"
Office = "Ottawa - Queen"
LicenseAssignment = @("O365dsc1:ENTERPRISEPREMIUM")
UsageLocation = "US"
Ensure = "Present"
Credential = $credsGlobalAdmin
}
}
}