New-NAVServerUser
Creates a new Business Central user.
Syntax
New-NAVServerUser
[-Tenant <TenantId>]
-WindowsAccount <String>
[-FullName <String>]
[-State <NavUserState>]
[-ExpiryDate <DateTime>]
[-ChangePasswordAtNextLogOn]
[-LicenseType <LicenseType>]
[-Password <SecureString>]
[-AuthenticationKey <String>]
[-AuthenticationEmail <String>]
[-ContactEmail <String>]
[-CreateWebServicesKey]
[-WebServicesKeyExpiryDate <DateTime>]
[-ProfileId <String>]
[-ProfileAppId <Guid>]
[-Company <String>]
[-LanguageId <String>]
[-ServerInstance] <String>
[-Force]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-NAVServerUser
[-Tenant <TenantId>]
-Sid <String>
[-FullName <String>]
[-State <NavUserState>]
[-ExpiryDate <DateTime>]
[-ChangePasswordAtNextLogOn]
[-LicenseType <LicenseType>]
[-Password <SecureString>]
[-AuthenticationKey <String>]
[-AuthenticationEmail <String>]
[-ContactEmail <String>]
[-CreateWebServicesKey]
[-WebServicesKeyExpiryDate <DateTime>]
[-ProfileId <String>]
[-ProfileAppId <Guid>]
[-Company <String>]
[-LanguageId <String>]
[-ServerInstance] <String>
[-Force]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-NAVServerUser
[-Tenant <TenantId>]
-UserName <String>
[-FullName <String>]
[-State <NavUserState>]
[-ExpiryDate <DateTime>]
[-ChangePasswordAtNextLogOn]
[-LicenseType <LicenseType>]
[-Password <SecureString>]
[-AuthenticationKey <String>]
[-AuthenticationEmail <String>]
[-ContactEmail <String>]
[-CreateWebServicesKey]
[-WebServicesKeyExpiryDate <DateTime>]
[-ProfileId <String>]
[-ProfileAppId <Guid>]
[-Company <String>]
[-LanguageId <String>]
[-ServerInstance] <String>
[-Force]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-NAVServerUser
[-Tenant <TenantId>]
-UserName <String>
[-FullName <String>]
[-State <NavUserState>]
[-ExpiryDate <DateTime>]
[-AuthenticationKey <String>]
[-ContactEmail <String>]
-ApplicationId <Guid>
[-Company <String>]
[-LanguageId <String>]
[-ServerInstance] <String>
[-Force]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Use the New-NAVServerUser cmdlet to create a new Business Central user. Anonymous accounts such as S-1-1-0 (Everyone) and S-1-5-7 (Anonymous) are not allowed.
Examples
EXAMPLE 1
New-NAVServerUser BC -Sid S-1-5-20This example creates a new Business Central user based on the built-in NT AUTHORITY\NETWORK SERVICE account in Windows.
EXAMPLE 2
New-NAVServerUser MicrosoftDynamicsNavServer -WindowsAccount Cronus\ChrisThis example creates a new Business Central user based on a Windows user account that has the user name Chris from the domain Cronus.
EXAMPLE 3
New-NAVServerUser navserver1 -UserName Chris -Password (Read-Host "Enter password for User1" -AsSecureString) -Verbose
Enter password for User1: ****
VERBOSE: NavCommand.BeginProcessing
VERBOSE: NavCommand.ProcessRecord
VERBOSE: Opening admin connection to ServerInstance 'MicrosoftDynamicsNavServer$navserver1'
VERBOSE: Admin connection to ServerInstance 'MicrosoftDynamicsNavServer$navserver1' has been opened
VERBOSE: Performing operation "New-NavServerUser" on target "ServerInstance = MicrosoftDynamicsNavServer$navserver1
VERBOSE: NavCommand.EndProcessing
VERBOSE: Closing admin connection to ServerInstance 'MicrosoftDynamicsNavServer$navserver1'
VERBOSE: Admin connection to ServerInstance 'MicrosoftDynamicsNavServer$navserver1' has been closedThis example creates a new Business Central user that has the user name Chris and a password that is entered as a secure string (****).
EXAMPLE 4
New-NAVServerUser navserver1 -UserName Chris -Password (ConvertTo-SecureString 'Password1234' -AsPlainText -Force)This example creates a new Business Central user that has the user name Chris and password Password1234.
EXAMPLE 5
New-NAVServerUser navserver1 -CreateWebServicesKey -UserName Chris -WebServicesKeyExpiryDate '01-01-2014'This example creates a new Business Central user that has the user name Chris and a web services access key for logging on to Business Central. The web services acces key expires on 01-01-2014.
Parameters
-ApplicationId
Identifies the application this user represents. This requires that the application is registered in Microsoft Entra ID. The application is identified by its "client id" in Microsoft Entra ID.
| Type: | Guid |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AuthenticationEmail
Specifies the Microsoft account that this user uses to access Office 365 and SharePoint. The authentication email address must be the Microsoft account that the users log in to Office 365 with, such as an account from Microsoft Entra ID.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AuthenticationKey
Specifies the authentication key for authentication with Windows Azure Access Control Service (ACS). This key must be at least 8 characters and contain combination of uppercase and lowercase letters and numbers. The authentication key is entered by the user the first time that the user logs on to Business Central.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ChangePasswordAtNextLogOn
Forces the user to change the password the next time that the user logs on.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Company
Specifies which of the Business Central companies will be used as the user�s default company in the clients. Be aware that if you set this parameter, you will not be able to remove the user later if desired. You will only be able to disable the user.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before executing the command.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ContactEmail
Specifies the contact email address for the Business Central user.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CreateWebServicesKey
Creates a web services access key for the user. The web service access key is automatically generated. This parameter is relevant only when Business Central is configured to use either the NavUserPassword or AccessControlService credential type for authenticating users. The web service access key is used instead of a password to authenticate web service requests, such as SOAP and OData.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ExpiryDate
Specifies when the user's access to Business Central expires.
| Type: | DateTime |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Force
Forces the command to run without asking for user confirmation.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-FullName
Specifies the user's full name. This is typically includes the user's first and last name. On the User card in Business Central, this value appears in the Full Name field. The value typically includes the user's first and last name.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LanguageId
Specifies which of the installed Business Central languages will be used as the user�s default language in the clients. Set the value to a valid language culture name, which typically has the format nn-NN, such as en-US or da-DK. Be aware that if you set this parameter, you will not be able to remove the user later if desired. You will only be able to disable the user.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LicenseType
Specifies the license type to assign the user. The parameter has the following values (you can use either the text value or the integer in parenthesis):
Full (0)
Limited (1)
DeviceOnly (2)
WindowsGroup (3) - Use this license type if the Business Central user is based on a Windows group in Active Directory. This user account cannot log on to Business Central. Instead, it is used to map the permission set to the individual Windows users in the Windows user group. You must apply the license type to the individual users in the Windows user group.
External (4)
| Type: | LicenseType |
| Accepted values: | Full, Limited, DeviceOnly, WindowsGroup, External, ExternalAdmin, ExternalAccountant, Application, AADGroup |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Password
Specifies a protected password for the Business Central user. The password is only used when the credential type for authenticating users who try to access Business Central is set to NavUserPassword.
| Type: | SecureString |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ProfileAppId
Specifies the ID of the extension that defines the profile to assign the user. When assigning a profile from the System scope, don't use this parameter.
| Type: | Guid |
| Position: | Named |
| Default value: | 00000000-0000-0000-0000-000000000000 |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ProfileId
Specifies the ID of the profile to assign the user.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ProgressAction
A common PowerShell parameter that determines how PowerShell responds to progress updates generated by a script, cmdlet, or provider. Learn more.
| Type: | ActionPreference |
| Aliases: | proga |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ServerInstance
Specifies the name of a Business Central Server instance, for example, BC or myinstance. You can specify either the full name of an instance, such as MicrosoftDynamicsNavServer$myinstance or the short name such as myinstance.
| Type: | String |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Sid
Specifies the security identifier (SID) of the Windows user account for the user that you want to set up as a Business Central user. The SID is a unique value that identifies a Windows user account. You can use the Sid, UserName, or WindowsAccount parameters to create the user. If you use the Sid parameter, then you cannot set the UserName or WindowsAccount parameters.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-State
Specifies the state of the user's account and access to Business Central. The parameters has the following values (you can use either the text value of the integer value in parenthesis:
Enabled (0)
Disabled (1)
| Type: | NavUserState |
| Accepted values: | Enabled, Disabled |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Tenant
Specifies the ID of the tenant of the Business Central Server instance on which to add the user. You can omit the Tenant parameter only if the Business Central Server instance is not configured to run multiple tenants.
| Type: | TenantId |
| Aliases: | Id |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-UserName
Specifies the user name for the new Business Central user. The user name appears in the User Name field in a user's account in Business Central. You can use the UserName, WindowsAccount or Sid parameters to identify the user. If you use the Username parameter, then you cannot use the Windows Account or Sid parameters.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WebServicesKeyExpiryDate
Specifies the date and time that the user's web services access key expires.
| Type: | DateTime |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Describes what would happen if you executed the command without actually executing the command.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WindowsAccount
Specifies the Windows account user name of the user that you want to set up as a Business Central user. The value has the domain\username format. You can use the WindowsAccount, UserName, or Sid parameters to create the user. If you use the WindowsAccount parameter, then you cannot use the UserName or Sid parameters.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
System.String
You can pipe a string that contains a Business Central Server instance name to the cmdlet.
Outputs
None
Notes
Because cmdlets do not execute application code, if there is any logic on application objects that are associated with creating or modifying users from the client, be aware that the logic will not be executed when you run the cmdlet.