Get-MsolUser
Gets users from Azure Active Directory.
Syntax
Get-MsolUser
[-ReturnDeletedUsers]
[-City <String>]
[-Country <String>]
[-Department <String>]
[-DomainName <String>]
[-EnabledFilter <UserEnabledFilter>]
[-State <String>]
[-Synchronized]
[-Title <String>]
[-HasErrorsOnly]
[-LicenseReconciliationNeededOnly]
[-UnlicensedUsersOnly]
[-UsageLocation <String>]
[-SearchString <String>]
[-MaxResults <Int32>]
[-TenantId <Guid>]
[<CommonParameters>] Get-MsolUser
-ObjectId <Guid>
[-ReturnDeletedUsers]
[-TenantId <Guid>]
[<CommonParameters>] Get-MsolUser
[-ReturnDeletedUsers]
-UserPrincipalName <String>
[-TenantId <Guid>]
[<CommonParameters>] Get-MsolUser
[-ReturnDeletedUsers]
[-City <String>]
[-Country <String>]
[-Department <String>]
[-DomainName <String>]
[-EnabledFilter <UserEnabledFilter>]
[-State <String>]
[-Synchronized]
[-Title <String>]
[-HasErrorsOnly]
[-LicenseReconciliationNeededOnly]
[-UnlicensedUsersOnly]
[-UsageLocation <String>]
[-SearchString <String>]
[-All]
[-TenantId <Guid>]
[<CommonParameters>] Description
The Get-MsolUser cmdlet gets an individual user or list of users. Specify the ObjectId or UserPrincipalName parameter to get a specific user.
Examples
Example 1: Get all users
PS C:\> Get-MsolUserThis command retrieves all users in the company. It displays up to the default value of 500 results.
Example 2: Get enabled users
PS C:\> Get-MsolUser -EnabledFilter EnabledOnly -MaxResults 2000This command gets up to 2000 enabled users.
Example 3: Get a user by UPN
PS C:\> Get-MsolUser -UserPrincipalName "davidchew@contoso.com"This command retrieves the user with the UPN davidchew@contoso.com.
Example 4: Get a user by object ID
PS C:\> Get-MsolUser -ObjectId aaaaaaaa-0000-1111-2222-bbbbbbbbbbbbThis command retrieves a user that has the specified object ID.
Example 5: Get users by search String
PS C:\> Get-MsolUser -SearchString "David"This command retrieves a list of users with David in the display name or email address.
Example 6: Get preferred data location of a user
PS C:\> Get-MsolUser -UserPrincipalName "davidchew@contoso.onmicrosoft.com" | Select PreferredDataLocationThis command returns the preferred data location of a user.
Parameters
-All
Indicates that this cmdlet returns all results. Do not specify together with the MaxResults parameter.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-City
Specifies the city to filter results on.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Country
Specifies the country or region to filter results on.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Department
Specifies the department to filter results on.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DomainName
Specifies the domain to filter results on. This must be a verified domain for the company. All users with an email address, primary or secondary, on this domain is returned.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-EnabledFilter
Specifies the filter for enabled or disabled users. Valid values are All, EnabledOnly, and DisabledOnly.
| Type: | UserEnabledFilter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-HasErrorsOnly
Inidates that this cmdlet returns only users that have validation errors.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LicenseReconciliationNeededOnly
Indicates that this cmdlet filter for only users that require license reconciliation.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-MaxResults
Specifies the maximum number of results that this cmdlet returns. The default value is 500.
| Type: | Int32 |
| Position: | Named |
| Default value: | 500 |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ObjectId
Specifies the unique object ID of the user to get.
| Type: | Guid |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ReturnDeletedUsers
Indicates that this cmdlet returns only users in the recycling bin.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SearchString
Specifies a string to match email address or display name starting with this string.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-State
Specifies the filter for the state of the user.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Synchronized
Indicates that this cmdlet returns only users who are synchronized through Azure Active Directory Sync.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TenantId
Specifies the unique ID of the tenant on which to perform the operation. The default value is the tenant of the current user. This parameter applies only to partner users.
| Type: | Guid |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Title
Speicifies the filter for the title of the user.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UnlicensedUsersOnly
Indicates that this cmdlet returns only users who are not assigned a license.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UsageLocation
Specifies the filter for the country or region where the services are consumed by the user. Specify a two-letter country or region code.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UserPrincipalName
Speicifies the user ID of the user to retrieve.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Outputs
Microsoft.Online.Administration.User
This cmdlet returns user objects, which include the following information:
AlternateEmailAddresses. Alternate email address of the user (external to Azure Active Directory).
BlockCredential. Whether or not the user is able to sign in.
City. The user's city.
Country. The user's country or region.
Department. The user's department.
DisplayName. The user's display name.
Errors. An array of errors. These are validation errors that may result in loss of services.
Fax. The user's fax number.
FirstName. The user's first name.
ImmutableID. Only returned for federated users. This is the ID that is required to be federated with Azure Active Directory.
isBlackBerryUser. Returns whether or not the user has a BlackBerry device.
isLicensed. Whether or not the user has any licenses assigned.
LastDirSyncTime. The date and time of the last directory synchronization (only returned from users synced with Azure Active Directory through Active Directory synchronization).
LastPasswordChangeTimestamp. The most recent time at which a password change for the user was registered in Azure Active Directory.
LastName. The user's last name.
LicenseReconciliationNeeded. Whether or not the user currently has a mailbox without a license. In this case, the user should be licensed with 30 days to avoid losing their mailbox.
Licenses. A list of the user's licenses.
LiveID. The user's unique login ID.
MobilePhone. The user's mobile phone number.
ObjectId. The user's unique ID.
Office. The user's office number.
OverallProvisioningStatus. Whether or not the user has been provisioned for their services.
PasswordNeverExpires. Whether the user's password should be forced to change every 90 days.
PhoneNumber. The user's phone number.
PostalCode. The user's postal code.
PreferredDataLocation. The user's preferred data location.
PreferredLanguage. The user's preferred language.
ProxyAddresses. The proxy addresses associated with this user.
State. The user's state.
StreetAddress. The user's street address.
StrongPasswordRequired. Whether the user is required to set a strong password when they change their password. Strong passwords are recommended.
Title. The user's title.
UsageLocation. The country or region where the services are consumed by the user. This must be a two letter country or region code.
UserPrincipalName. The user ID of the user.
ValidationStatus. Whether or not the user has any errors.