Managing Users, licenses, guests, contacts Flashcards
(38 cards)
Creating users with Windows PowerShell
$PasswordProfile = @{ Password = ‘User.pw1’ }
New-MgUser –UserPrincipalName AllanD@Adatum.onmicrosoft.com –DisplayName ‘Allan Deyoung’ – GivenName ‘Allan’ –Surname ‘Deyoung’ -PasswordProfile $PasswordProfile -AccountEnabled -MailNickName ‘AllanD’
Import multiple users
This option provides a method for the bulk importation of multiple users into the Microsoft 365 admin center through a comma-separated value (CSV) file.
What roles can assign or remove licenses
Microsoft 365 Global admin and User Management admin roles
How long is the grace period for recovering user information after it has been deleted?
30 Days
To view the number of licenses remaining in m365 admin center
In the Microsoft 365 admin center, on the left-hand navigation pane, select Billing and then select Licenses.
In the Subscriptions tab, note how many licenses are available for each subscription and how many licenses the organization assigned.
To view unlicensed users in M365 admin center
In the Microsoft 365 admin center, on the left-hand navigation pane, select Users and then select Active users.
In the menu bar, select Filter.
In the drop-down menu that appears, note all the various options that you can select to view the users with these respective properties. To view unlicensed users, select Unlicensed users.
Finding unlicensed accounts using Microsoft Graph PowerShell
Get-MgUser -Filter ‘assignedLicenses/$count eq 0’ -ConsistencyLevel eventual -CountVariable unlicensedUserCount -All
Assigning licenses to user accounts with Powershell
Set-MgUserLicense -UserId $userUPN -AddLicenses @{SkuId = “<SkuId>"} -RemoveLicenses @()</SkuId>
Deleting a user account in powershell
Remove-MgUser -UserId ‘5c442efb-5e66-484a-936a-91b6810bed14’
Restore a deleted user account powershell
Restore-MgDirectoryDeletedItem -DirectoryObjectId ‘5c442efb-5e66-484a-936a-91b6810bed14’
Organizations should complete the following steps to bulk create users in Microsoft Entra ID:
In the Microsoft Entra admin center, select Users, and then select All users.
On the Users page, select Bulk operations on the menu bar. In the drop-down menu that appears, select Bulk create.
In the Bulk create users pane that appears, select Download to receive a comma-separated values (CSV) file of user properties. Use this file as a template and add users you want to create.
How to Check status of your bulk operations
On the Users page, under the Manage section in the middle navigation pane, select Bulk operation results.
Verify users with PowerShell
Get-MgUser -Filter “UserType eq ‘Member’”
B2B collaboration
securely share your company’s applications and services with external users, while maintaining control over your own corporate data.
With B2B collaboration, an external user is invited to sign in to your Microsoft Entra organization using their own credentials.
B2B collaboration user
an external user is invited to sign in to your Microsoft Entra organization using their own credentials. This B2B collaboration user can then access the apps and resources you want to share with them. A user object is created for the B2B collaboration user in the same directory as your employees.
External guest.
user has an account in an external Microsoft Entra organization or an external identity provider (such as a social identity), They also have guest-level permissions in the resource organization. The user object created in the resource Microsoft Entra directory has a UserType of Guest.
External member
This B2B collaboration user has an account in an external Microsoft Entra organization or an external identity provider (such as a social identity) and member-level access to resources in your organization.
Internal guest.
setting up internal credentials for them and designating them as guests by setting the user object UserType to Guest.
Internal member.
These users are generally considered employees of your organization. The user authenticates internally through Microsoft Entra ID, and the user object created in the resource Microsoft Entra directory has a UserType of Member.
Roles that can create guest users
Global Administrator role or a limited administrator directory role, such as a Guest Inviter or User Administrator.
To view guest users in the Microsoft 365 admin center,
expand Users in the left-hand navigation pane and then select Guest users.
User Principal Name (UPN)
The UPN for a B2B collaboration user object contains a #EXT# identifier.
User type.
UserType property indicates the relationship of the user to the host tenancy. This property can have two values:
Member. This value indicates an employee of the host organization and a user in the organization’s payroll. For example, this user expects to have access to internal-only sites. This user isn’t considered an external collaborator.
Guest. This value indicates a user who isn’t considered internal to the company, such as an external collaborator, partner, or customer. Such a user isn’t expected to receive a chief executive officer (CEO)’s internal memo or receive company benefits, for example.
Permission level: restricted access
they can view only their own user profile. They don’t have permission to view other users, even if the guest searches by User Principal Name or objectId. Restricted access also restricts guest users from seeing the membership of groups they’re in.
