Users

Interact with Microsoft 365 users.

User management. Equal to and extending Microsoft 365 admin center > Active Users.

Overview

The main table provides an overview of information including display name, email address, licensing, enabled/disabled status, and if the account is AD synchronized. Behind the ellipsis menu user creation date, last sync date, and user GUID are also available.

Actions

Add user.

Per-User actions:

Field Description

Field	Description
👁 View user details	Display advanced user account details. [More information]
✍️ Edit user	Allows editing user details, same as user edit view from Microsoft 365 admin. Additionally, you can copy group membership to the target user from another active user.
Research Compromised Account	Single pane of glass review of common indicators of compromise (IoC) [More information]
Create Temporary Access Password	Create a temporary password to allow full passwordless enrollment. [More information]
Rerequire MFA registration	Sets user legacy MFA status to Enabled
Create OneDrive ShortCut	Creates a OneDrive shortcut in the root of the users OneDrive to a SharePoint site.
Send MFA push	Sends an MFA approval prompt to a users registered devices. A simple way to verify functionality.
Convert to Shared Mailbox	Convert a mailbox to shared.
Set Out of Office	Set an out of office message for the user or shared mailbox. Note: Setting a different internal and external autoreply is currently not supported
Disable Out of Office	Disables out of office message for the user or shared mailbox.
Disable Email Forwarding	Disables all email forwaeding set both ForwardingAddress and ForwardingSMTPAddress to $null
Block Sign In	Disable account sign in.
Reset Password (Must Change)	Reset account password to a random value (Example: `2WcAu%VMy89P`) and require user to set a new password on login.
Reset Password	Reset account password to a random value (Example: `2WcAu%VMy89P`).
Revoke all user sessions	Revoke all sessions, requiring user to sign in again.
Delete User	Delete user account.

👁 View user details

Display advanced user account details. [More information]

✍️ Edit user

Allows editing user details, same as user edit view from Microsoft 365 admin. Additionally, you can copy group membership to the target user from another active user.

Research Compromised Account

Single pane of glass review of common indicators of compromise (IoC) [More information]

Create Temporary Access Password

Create a temporary password to allow full passwordless enrollment. [More information]

Rerequire MFA registration

Sets user legacy MFA status to Enabled

Create OneDrive ShortCut

Creates a OneDrive shortcut in the root of the users OneDrive to a SharePoint site.

Send MFA push

Sends an MFA approval prompt to a users registered devices. A simple way to verify functionality.

Convert to Shared Mailbox

Convert a mailbox to shared.

Set Out of Office

Set an out of office message for the user or shared mailbox. Note: Setting a different internal and external autoreply is currently not supported

Disable Out of Office

Disables out of office message for the user or shared mailbox.

Disable Email Forwarding

Disables all email forwaeding set both ForwardingAddress and ForwardingSMTPAddress to $null

Block Sign In

Disable account sign in.

Reset Password (Must Change)

Reset account password to a random value (Example: 2WcAu%VMy89P) and require user to set a new password on login.

Reset Password

Reset account password to a random value (Example: 2WcAu%VMy89P).

Revoke all user sessions

Revoke all sessions, requiring user to sign in again.

Delete User

Delete user account.

Note that clicking one of these actions will present a confirmation modal dialog.

View user details

Displays details about the user account.

Azure AD user attributes (Names, Job Title, Address, Phone)
Last sign in details
Sign in logs
Conditional access details
Email usage
OneDrive usage
Email settings
Devices
Groups

Research Compromised Account

The Business Email Compromise Overview retrieves common data used when reviewing a possibly-compromised account.

For more in-depth analysis, Hawk is well-regarded.

Data Retrieved

User devices (including first sync time)
Recently added email forwarding rules
Recently added users
User last logon details
Recent password changes
Mailbox permission changes
Application changes
Mailbox logons

If an account appears compromised, Remediate User performs the following actions:

Block user signin
Reset user password
Disconnect all current sessions
Disable all inbox rules for the user

Create Temporary Access Password

Create a temporary access password for a user to enroll in passwordless for Azure Active Directory.

Both passwordless authentication and the temporary access password function must be enabled on the tenant. See AzureAD: Configure Temporary Access Pass in Azure AD to register Passwordless authentication methods

Query String Support

The Add User has the ability to be form filled via URL query strings. This table shows all supported query strings. For example https://yourcipp.app/identity/administration/users/add?customerId=Mydomain.onmicrosoft.com&city=Rotterdam would automatically fill in the city for a user.

QueryString	Field
customerId	Client Tenant ID(Only required field)
businessPhones	Business Phone Number
city	User City Location
companyName	Company Name
country	Country
department	Department
displayName	Display Name
givenName	First Name
jobTitle	Job Title
mailNickname	Username before the email address part(User<@domain.com>)
mobilePhone	Mobile Phone Number
addedAliasses	Added Aliasses, Multiple allowed via linebreak(%0A)
postalCode	Zip or post code
streetAddress	Address information
surname	Last Name
usageLocation	User location for license, can be left blank for default.
primDomain	User Primary Domain (User<@domain.com>)
MustChangePass	Boolean, default is false.

QueryString

Field

customerId

Client Tenant ID(Only required field)

businessPhones

Business Phone Number

city

User City Location

companyName

Company Name

country

Country

department

Department

displayName

Display Name

givenName

First Name

jobTitle

Job Title

mailNickname

Username before the email address part(User<@domain.com>)

mobilePhone

Mobile Phone Number

addedAliasses

Added Aliasses, Multiple allowed via linebreak(%0A)

postalCode

Zip or post code

streetAddress

Address information

surname

Last Name

usageLocation

User location for license, can be left blank for default.

primDomain

User Primary Domain (User<@domain.com>)

MustChangePass

Boolean, default is false.

AutoTask LiveLink

The LiveLink for Autotask can be found in the AXN store. If you want to create your own LiveLink you can use the QueryString below.

?city=<CITY>&country=<COUNTRY>&customerId=<UDF-TenantId(tblCustomers)>&primDomain=<ACCOUNTWEBSITEADDRESS>&usageLocation=NL&streetAddress=<ACCOUNTADDRESS1>&companyName=<ACCOUNTNAME>&businessPhones=<ACCOUNTPHONE>&postalCode=<ACCOUNTPOSTALCODE>&givenName=<CONTACTFIRSTNAME>&surname=<CONTACTLASTNAME>

Feature Requests / Ideas

Please raise any feature requests on GitHub.

PreviousAdministration NextGroups

Last updated 8 months ago