New-NAVServerUser

Creates a new Business Central user.

Syntax

New-NAVServerUser
   [-Tenant <TenantId>]
   -WindowsAccount <String>
   [-FullName <String>]
   [-State <NavUserState>]
   [-ExpiryDate <DateTime>]
   [-ChangePasswordAtNextLogOn]
   [-LicenseType <LicenseType>]
   [-Password <SecureString>]
   [-AuthenticationKey <String>]
   [-AuthenticationEmail <String>]
   [-ContactEmail <String>]
   [-CreateWebServicesKey]
   [-WebServicesKeyExpiryDate <DateTime>]
   [-ProfileId <String>]
   [-ProfileAppId <Guid>]
   [-Company <String>]
   [-LanguageId <String>]
   [-ServerInstance] <String>
   [-Force]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-NAVServerUser
   [-Tenant <TenantId>]
   -Sid <String>
   [-FullName <String>]
   [-State <NavUserState>]
   [-ExpiryDate <DateTime>]
   [-ChangePasswordAtNextLogOn]
   [-LicenseType <LicenseType>]
   [-Password <SecureString>]
   [-AuthenticationKey <String>]
   [-AuthenticationEmail <String>]
   [-ContactEmail <String>]
   [-CreateWebServicesKey]
   [-WebServicesKeyExpiryDate <DateTime>]
   [-ProfileId <String>]
   [-ProfileAppId <Guid>]
   [-Company <String>]
   [-LanguageId <String>]
   [-ServerInstance] <String>
   [-Force]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-NAVServerUser
   [-Tenant <TenantId>]
   -UserName <String>
   [-FullName <String>]
   [-State <NavUserState>]
   [-ExpiryDate <DateTime>]
   [-ChangePasswordAtNextLogOn]
   [-LicenseType <LicenseType>]
   [-Password <SecureString>]
   [-AuthenticationKey <String>]
   [-AuthenticationEmail <String>]
   [-ContactEmail <String>]
   [-CreateWebServicesKey]
   [-WebServicesKeyExpiryDate <DateTime>]
   [-ProfileId <String>]
   [-ProfileAppId <Guid>]
   [-Company <String>]
   [-LanguageId <String>]
   [-ServerInstance] <String>
   [-Force]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-NAVServerUser
   [-Tenant <TenantId>]
   -UserName <String>
   [-FullName <String>]
   [-State <NavUserState>]
   [-ExpiryDate <DateTime>]
   [-AuthenticationKey <String>]
   [-ContactEmail <String>]
   -ApplicationId <Guid>
   [-Company <String>]
   [-LanguageId <String>]
   [-ServerInstance] <String>
   [-Force]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Use the New-NAVServerUser cmdlet to create a new Business Central user. Anonymous accounts such as S-1-1-0 (Everyone) and S-1-5-7 (Anonymous) are not allowed.

Examples

EXAMPLE 1

New-NAVServerUser BC -Sid S-1-5-20

This example creates a new Business Central user based on the built-in NT AUTHORITY\NETWORK SERVICE account in Windows.

EXAMPLE 2

New-NAVServerUser MicrosoftDynamicsNavServer -WindowsAccount Cronus\Chris

This example creates a new Business Central user based on a Windows user account that has the user name Chris from the domain Cronus.

EXAMPLE 3

New-NAVServerUser navserver1 -UserName Chris -Password (Read-Host "Enter password for User1" -AsSecureString) -Verbose

Enter password for User1: ****
VERBOSE: NavCommand.BeginProcessing
VERBOSE: NavCommand.ProcessRecord
VERBOSE: Opening admin connection to ServerInstance 'MicrosoftDynamicsNavServer$navserver1'
VERBOSE: Admin connection to ServerInstance 'MicrosoftDynamicsNavServer$navserver1' has been opened
VERBOSE: Performing operation "New-NavServerUser" on target "ServerInstance = MicrosoftDynamicsNavServer$navserver1
VERBOSE: NavCommand.EndProcessing
VERBOSE: Closing admin connection to ServerInstance 'MicrosoftDynamicsNavServer$navserver1'
VERBOSE: Admin connection to ServerInstance 'MicrosoftDynamicsNavServer$navserver1' has been closed

This example creates a new Business Central user that has the user name Chris and a password that is entered as a secure string (****).

EXAMPLE 4

New-NAVServerUser navserver1 -UserName Chris -Password (ConvertTo-SecureString 'Password1234' -AsPlainText -Force)

This example creates a new Business Central user that has the user name Chris and password Password1234.

EXAMPLE 5

New-NAVServerUser navserver1 -CreateWebServicesKey -UserName Chris -WebServicesKeyExpiryDate '01-01-2014'

This example creates a new Business Central user that has the user name Chris and a web services access key for logging on to Business Central. The web services acces key expires on 01-01-2014.

Parameters

-ApplicationId

Identifies the application this user represents. This requires that the application is registered in Microsoft Entra ID. The application is identified by its "client id" in Microsoft Entra ID.

Type:Guid
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-AuthenticationEmail

Specifies the Microsoft account that this user uses to access Office 365 and SharePoint. The authentication email address must be the Microsoft account that the users log in to Office 365 with, such as an account from Microsoft Entra ID.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AuthenticationKey

Specifies the authentication key for authentication with Windows Azure Access Control Service (ACS). This key must be at least 8 characters and contain combination of uppercase and lowercase letters and numbers. The authentication key is entered by the user the first time that the user logs on to Business Central.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ChangePasswordAtNextLogOn

Forces the user to change the password the next time that the user logs on.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Company

Specifies which of the Business Central companies will be used as the user�s default company in the clients. Be aware that if you set this parameter, you will not be able to remove the user later if desired. You will only be able to disable the user.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before executing the command.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ContactEmail

Specifies the contact email address for the Business Central user.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CreateWebServicesKey

Creates a web services access key for the user. The web service access key is automatically generated. This parameter is relevant only when Business Central is configured to use either the NavUserPassword or AccessControlService credential type for authenticating users. The web service access key is used instead of a password to authenticate web service requests, such as SOAP and OData.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ExpiryDate

Specifies when the user's access to Business Central expires.

Type:DateTime
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Force

Forces the command to run without asking for user confirmation.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-FullName

Specifies the user's full name. This is typically includes the user's first and last name. On the User card in Business Central, this value appears in the Full Name field. The value typically includes the user's first and last name.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-LanguageId

Specifies which of the installed Business Central languages will be used as the user�s default language in the clients. Set the value to a valid language culture name, which typically has the format nn-NN, such as en-US or da-DK. Be aware that if you set this parameter, you will not be able to remove the user later if desired. You will only be able to disable the user.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-LicenseType

Specifies the license type to assign the user. The parameter has the following values (you can use either the text value or the integer in parenthesis):

Full (0)

Limited (1)

DeviceOnly (2)

WindowsGroup (3) - Use this license type if the Business Central user is based on a Windows group in Active Directory. This user account cannot log on to Business Central. Instead, it is used to map the permission set to the individual Windows users in the Windows user group. You must apply the license type to the individual users in the Windows user group.

External (4)

Type:LicenseType
Accepted values:Full, Limited, DeviceOnly, WindowsGroup, External, ExternalAdmin, ExternalAccountant, Application, AADGroup
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Password

Specifies a protected password for the Business Central user. The password is only used when the credential type for authenticating users who try to access Business Central is set to NavUserPassword.

Type:SecureString
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ProfileAppId

Specifies the ID of the extension that defines the profile to assign the user. When assigning a profile from the System scope, don't use this parameter.

Type:Guid
Position:Named
Default value:00000000-0000-0000-0000-000000000000
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ProfileId

Specifies the ID of the profile to assign the user.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ProgressAction

A common PowerShell parameter that determines how PowerShell responds to progress updates generated by a script, cmdlet, or provider. Learn more.

Type:ActionPreference
Aliases:proga
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ServerInstance

Specifies the name of a Business Central Server instance, for example, BC or myinstance. You can specify either the full name of an instance, such as MicrosoftDynamicsNavServer$myinstance or the short name such as myinstance.

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Sid

Specifies the security identifier (SID) of the Windows user account for the user that you want to set up as a Business Central user. The SID is a unique value that identifies a Windows user account. You can use the Sid, UserName, or WindowsAccount parameters to create the user. If you use the Sid parameter, then you cannot set the UserName or WindowsAccount parameters.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-State

Specifies the state of the user's account and access to Business Central. The parameters has the following values (you can use either the text value of the integer value in parenthesis:

Enabled (0)

Disabled (1)

Type:NavUserState
Accepted values:Enabled, Disabled
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Tenant

Specifies the ID of the tenant of the Business Central Server instance on which to add the user. You can omit the Tenant parameter only if the Business Central Server instance is not configured to run multiple tenants.

Type:TenantId
Aliases:Id
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-UserName

Specifies the user name for the new Business Central user. The user name appears in the User Name field in a user's account in Business Central. You can use the UserName, WindowsAccount or Sid parameters to identify the user. If you use the Username parameter, then you cannot use the Windows Account or Sid parameters.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-WebServicesKeyExpiryDate

Specifies the date and time that the user's web services access key expires.

Type:DateTime
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Describes what would happen if you executed the command without actually executing the command.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WindowsAccount

Specifies the Windows account user name of the user that you want to set up as a Business Central user. The value has the domain\username format. You can use the WindowsAccount, UserName, or Sid parameters to create the user. If you use the WindowsAccount parameter, then you cannot use the UserName or Sid parameters.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

Inputs

System.String

You can pipe a string that contains a Business Central Server instance name to the cmdlet.

Outputs

None

Notes

Because cmdlets do not execute application code, if there is any logic on application objects that are associated with creating or modifying users from the client, be aware that the logic will not be executed when you run the cmdlet.