az ad user
Manage Azure Active Directory users and user authentication.
Commands
az ad user create |
Create an Azure Active Directory user. |
az ad user delete |
Delete a user. |
az ad user get-member-groups |
Get groups of which the user is a member. |
az ad user list |
List Azure Active Directory users. |
az ad user show |
Gets user information from the directory. |
az ad user update |
Update Azure Active Directory users. |
az ad user create
Create an Azure Active Directory user.
az ad user create --display-name
--password
--user-principal-name
[--force-change-password-next-login {false, true}]
[--immutable-id]
[--mail-nickname]
Required Parameters
Object's display name or its prefix.
The password that should be assigned to the user for authentication.
Required. The user principal name (someuser@contoso.com). It must contain one of the verified domains for the tenant.
Optional Parameters
Marks this user as needing to update their password the next time they authenticate. If omitted, false will be used.
This must be specified if you are using a federated domain for the user's userPrincipalName (UPN) property when creating a new user account. It is used to associate an on-premises Active Directory user account with their Azure AD user object.
Mail alias. Defaults to user principal name.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
az ad user delete
Delete a user.
az ad user delete --id
Required Parameters
The object ID or principal name of the user for which to get information.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
az ad user get-member-groups
Get groups of which the user is a member.
az ad user get-member-groups --id
[--security-enabled-only]
Examples
Get groups of which the user is a member (autogenerated)
az ad user get-member-groups --upn-or-object-id myuser@contoso.com
Required Parameters
The object ID or principal name of the user for which to get information.
Optional Parameters
If true, only membership in security-enabled groups should be checked. Otherwise, membership in all groups should be checked.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
az ad user list
List Azure Active Directory users.
az ad user list [--display-name]
[--filter]
[--query-examples]
[--upn]
Optional Parameters
Object's display name or its prefix.
OData filter, e.g. --filter "displayname eq 'test' and servicePrincipalType eq 'Application'".
Recommend JMESPath string for you. You can copy one of the query and paste it after --query parameter within double quotation marks to see the results. You can add one or more positional keywords so that we can give suggestions based on these key words.
User principal name, e.g. john.doe@contoso.com.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
az ad user show
Gets user information from the directory.
az ad user show --id
[--query-examples]
Required Parameters
The object ID or principal name of the user for which to get information.
Optional Parameters
Recommend JMESPath string for you. You can copy one of the query and paste it after --query parameter within double quotation marks to see the results. You can add one or more positional keywords so that we can give suggestions based on these key words.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
az ad user update
Update Azure Active Directory users.
az ad user update --id
[--account-enabled {false, true}]
[--display-name]
[--force-change-password-next-login {false, true}]
[--mail-nickname]
[--password]
Examples
Update Azure Active Directory users. (autogenerated)
az ad user update --id 00000000-0000-0000-0000-000000000000
Required Parameters
The object ID or principal name of the user for which to get information.
Optional Parameters
Enable the user account.
Object's display name or its prefix.
Require the user to change their password the next time they log in. Only valid when --password is specified.
Mail alias. Defaults to user principal name.
User password.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.