{
	"id": "365cd227-d088-44cc-ad3a-196a9a55b929",
	"created_at": "2026-04-06T00:07:13.396847Z",
	"updated_at": "2026-04-10T03:20:30.591475Z",
	"deleted_at": null,
	"sha1_hash": "843ec525275b01638677d82488f2d06c569bc2d2",
	"title": "az ad user",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 52054,
	"plain_text": "az ad user\r\nBy mikefrobbins\r\nArchived: 2026-04-05 14:50:51 UTC\r\nIn this article\r\n1. Commands\r\n2. az ad user create\r\n3. az ad user delete\r\n4. az ad user get-member-groups\r\n5. az ad user list\r\n6. az ad user show\r\n7. az ad user update\r\nManage Microsoft Entra users.\r\nCommands\r\nCreate a user.\r\naz ad user create --display-name\r\n --password\r\n --user-principal-name\r\n [--force-change-password-next-sign-in {false, true}]\r\n [--immutable-id]\r\n [--mail-nickname]\r\nCreate a user\r\naz ad user create --display-name myuser --password password --user-principal-name myuser@contoso.com\r\nObject's display name or its prefix.\r\nThe password that should be assigned to the user for authentication.\r\nThe user principal name (someuser@contoso.com). It must contain one of the verified domains for the tenant.\r\nThe following parameters are optional, but depending on the context, one or more might become required for the\r\ncommand to execute successfully.\r\nhttps://docs.microsoft.com/en-us/cli/azure/ad/user?view=azure-cli-latest\r\nPage 1 of 4\n\n--force-change-password-next-sign-in\r\nMarks this user as needing to update their password the next time they authenticate. If omitted, false will be used.\r\nProperty Value\r\nDefault value: False\r\nAccepted values: false, true\r\nThis property is used to associate an on-premises Active Directory user account to their Microsoft Entra user\r\nobject. This property must be specified when creating a new user account in the Graph if you're using a federated\r\ndomain for the user's userPrincipalName (UPN) property. NOTE: The $ and _ characters can't be used when\r\nspecifying this property.\r\nMail alias. Defaults to user principal name.\r\nGlobal Parameters\r\nDelete a user.\r\naz ad user delete --id\r\nDelete a user.\r\naz ad user delete --id myuser@contoso.com\r\nThe object ID or principal name of the user for which to get information.\r\nGlobal Parameters\r\nGet groups of which the user is a member.\r\naz ad user get-member-groups --id\r\n [--security-enabled-only {false, true}]\r\nGet groups of which the user is a member\r\naz ad user get-member-groups --id myuser@contoso.com\r\nThe object ID or principal name of the user for which to get information.\r\nThe following parameters are optional, but depending on the context, one or more might become required for the\r\ncommand to execute successfully.\r\nhttps://docs.microsoft.com/en-us/cli/azure/ad/user?view=azure-cli-latest\r\nPage 2 of 4\n\nTrue to specify that only security groups that the entity is a member of should be returned; false to specify that all\r\ngroups and directory roles that the entity is a member of should be returned.\r\nProperty Value\r\nDefault value: False\r\nAccepted values: false, true\r\nGlobal Parameters\r\nList users.\r\naz ad user list [--display-name]\r\n [--filter]\r\n [--upn]\r\nList all users.\r\naz ad user list\r\nThe following parameters are optional, but depending on the context, one or more might become required for the\r\ncommand to execute successfully.\r\nObject's display name or its prefix.\r\nOData filter, e.g. --filter \"displayname eq 'test' and servicePrincipalType eq 'Application'\".\r\nUser principal name, e.g. john.doe@contoso.com.\r\nGlobal Parameters\r\nGet the details of a user.\r\naz ad user show --id\r\nShow a user.\r\naz ad user show --id myuser@contoso.com\r\nThe object ID or principal name of the user for which to get information.\r\nGlobal Parameters\r\nUpdate a user.\r\nhttps://docs.microsoft.com/en-us/cli/azure/ad/user?view=azure-cli-latest\r\nPage 3 of 4\n\naz ad user update --id\r\n [--account-enabled {false, true}]\r\n [--display-name]\r\n [--force-change-password-next-sign-in {false, true}]\r\n [--mail-nickname]\r\n [--password]\r\nUpdate a user.\r\naz ad user update --id myuser@contoso.com --display-name username2\r\nThe object ID or principal name of the user for which to get information.\r\nThe following parameters are optional, but depending on the context, one or more might become required for the\r\ncommand to execute successfully.\r\nEnable the user account.\r\nProperty Value\r\nAccepted values: false, true\r\nObject's display name or its prefix.\r\n--force-change-password-next-sign-in\r\nIf the user must change her password on the next login.\r\nProperty Value\r\nAccepted values: false, true\r\nMail alias. Defaults to user principal name.\r\nUser password.\r\nGlobal Parameters\r\nSource: https://docs.microsoft.com/en-us/cli/azure/ad/user?view=azure-cli-latest\r\nhttps://docs.microsoft.com/en-us/cli/azure/ad/user?view=azure-cli-latest\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://docs.microsoft.com/en-us/cli/azure/ad/user?view=azure-cli-latest"
	],
	"report_names": [
		"user?view=azure-cli-latest"
	],
	"threat_actors": [],
	"ts_created_at": 1775434033,
	"ts_updated_at": 1775791230,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/843ec525275b01638677d82488f2d06c569bc2d2.pdf",
		"text": "https://archive.orkl.eu/843ec525275b01638677d82488f2d06c569bc2d2.txt",
		"img": "https://archive.orkl.eu/843ec525275b01638677d82488f2d06c569bc2d2.jpg"
	}
}