Importing New Users in Office 365 via PowerShell or Portal

There are 2 methods, one that uses the bulk import from the Office 365 portal and another that uses Windows Azure Active Directory Module for Windows PowerShell.  In this post I will cover both methods but will focus mainly on the PowerShell method as it is much more powerful and most importantly it allows us to set the password and monitor for errors in real-time.

Bulk Import via the Office 365 Portal

  • Login to your Office 365 Admin account  and click on Admin
C:\Users\charbel\AppData\Local\Temp\SNAGHTML54e7f73.PNG
  • Go to Users / Active Users and Click on Bulk Import as shown below and then follow the instructions.
  • You will get the Bulk add users Wizard
  • Do the import. It is fairly simple.
    1. Download the sample CSV file
    2. Open it in Excel
    3. Map your data to it and make sure you fill the Display Name and Email Address as these are the minimum required fields to create an email account.
    4. Review and correct if there are duplicate emails.
    5. Assign Licenses after the users are created
      1. Go to Active Users and then select the View Unlicensed Users
      1. Select the users and then Click Edit and Follow the instructions of the Wizard to setup all the other details and the license.

Create User using PowerShell

This is way more powerful and more flexible solution and with great power comes a lot of implementation complexity. The main purpose for using powershell to bulk create new users is because it allows us to do the following at the same time while creating the users. :
  • Assign passwords
  • Assign licenses
  • Set ForceChangePassword to false
  • Set StrongPasswordRequired to false

Setting up the Environment

First we need to setup the environment which is mainly configuring powershell with the required libraries.
Download Microsoft Online Services Sign-In Assistant for IT Professionals RTW
  • https://www.microsoft.com/en-us/download/confirmation.aspx?id=41950
Download the Azure AD Module for Windows PowerShell:
After those setup executables are downloaded and installed start Windows PowerShell and issue the following commands to connect
  • Import-Module MSOnline
  • Connect-MsolService
  • This command Connect-MsolService will prompt you to enter the email and password for the Admin account you will be using to run your scripts.

The Script

The script that we want to run is very simple and mainly consists of New-MsolUser commands and Set-MsolUserPassword run sequentially one command after the other.
New-MsolUser -DisplayName "Dr. Maurice Doe" -FirstName "Maurice" -Lastname "Doe" -userprincipalname maurice.doe@acme.org -UsageLocation "AE" –LicenseAssignment CompanyName:STANDARDWOFFPACK  -StrongPasswordRequired $false


Set-MsolUserPassword -UserPrincipalName maurice.doe@acme.org -NewPassword "TheActualPassword" -ForceChangePassword:$False
The main purpose for using this approach was because we wanted to set the user’s password during the creation of the account and second we did not want the user to change his password when he logs in the first time.
Also note that despite the fact that we set strong password to False there are certain password policies that cannot be turned off:
  • Minimum password length is 8
  • Username cannot be used as password or part of the password

Script Construction

To construct the script I used Excel and applied those 2 formulas
="New-MsolUser -DisplayName """ & C2 & """ -FirstName """ & D2 & """ -Lastname """ & E2  & """ -userprincipalname " & A2 & " -UsageLocation ""AE"" –LicenseAssignment CompanyName:STANDARDWOFFPACK  -StrongPasswordRequired $false"


="Set-MsolUserPassword -UserPrincipalName " & D2 & " -NewPassword """ & C2 & """ -ForceChangePassword:$False"
The sample Excel Workbook can be found here:

Running the Script

Simply copy the column where the formulas are applied and paste them into the PowerShell and they will execute sequentially but please make sure you increase the Screen Buffer Size of the PowerShell in order to be able to scroll back and retrieve the error if there was any. See screenchot.
Got to PowerShell properties
C:\Users\charbel\AppData\Local\Temp\SNAGHTMLa720f43.PNG
Go to the Layout Tab and set the buffer to at least 3000 lines. I personally use 9999 which is the maximum allowed.


Comments

Post a Comment