Users
Interact with Microsoft 365 users.
User management. Equal to and extending Microsoft 365 admin center > Active Users.
Overview
The main table provides an overview of information including display name, email address, licensing, enabled/disabled status, and if the account is AD synchronized. Behind the ellipsis menu user creation date, last sync date, and user GUID are also available.
Actions
Bulk AddInvite GuestAdd UserPer-User Actions:
👁 View User
Display advanced user account details. [More information]
✏️Edit User
Allows editing user details, same as user edit view from Microsoft 365 admin. Additionally, you can copy group membership to the target user from another active user.
Research Compromised Account
Single pane of glass review of common indicators of compromise (IoC) [More information]
Create Temporary Access Password
Create a temporary password to allow full passwordless enrollment. [More information]
Re-require MFA registration
Sets user legacy MFA status to Enabled
Send MFA Push
Sends an MFA approval prompt to a user's registered devices. A simple way to verify functionality.
Set Per-User MFA
Sets the per-user MFA state for the selected user(s). Available options are "Enforced", "Enabled", or "Disabled".
Convert to Shared Mailbox
Convert a mailbox to shared.
Enable Online Archive
Enables the online archive for this user's mailbox.
Set Out of Office
Set an out of office message for the user or shared mailbox. Note: Setting a different internal and external autoreply is currently not supported
Disable Out of Office
Disables out of office message for the user or shared mailbox.
Add to Group
Add user to a group.
Disable Email Forwarding
Disables all email forwarding set both ForwardingAddress and ForwardingSMTPAddress to $null
Pre-provision OneDrive
This will start the provisioning of the user's OneDrive without a need for the user's first login.
Add OneDrive Shortcut
Adds a OneDrive shortcut in the root of the users OneDrive to a SharePoint site.
Block Sign In
Disable account sign in.
Unblock Sign In
Enable account sign in.
Reset Password (Must Change)
Reset account password to a random value (Example: 2WcAu%VMy89P
) and require user to set a new password on login.
Reset Password
Reset account password to a random value (Example: 2WcAu%VMy89P
).
Clear Immutable ID
Sets the user's onPremisesImmutableId to $null to break the sync of the object from on-premises Active Directory.
Revoke all user sessions
Revoke all sessions, requiring user to sign in again.
Delete User
Delete user account.
More info
Opens the Extended Info flyout panel for the user which shows some of the more common profile fields for the user. The other per-user actions are also listed at the bottom of this window.
Note that clicking one of these actions will present a confirmation modal dialog.
View user details
Displays details about the user account.
Azure AD user attributes (Names, Job Title, Address, Phone)
Last sign in details
Sign in logs
Conditional access details
Email usage
OneDrive usage
Email settings
Devices
Groups
Research Compromised Account
The Business Email Compromise Overview retrieves common data used when reviewing a possibly-compromised account.
For more in-depth analysis, Hawk is well-regarded.
Data Retrieved
User devices (including first sync time)
Recently added email forwarding rules
Recently added users
User last logon details
Recent password changes
Mailbox permission changes
Application changes
Mailbox logons
If an account appears compromised, Remediate User performs the following actions:
Block user signin
Reset user password
Disconnect all current sessions
Disable all inbox rules for the user
Create Temporary Access Password
Create a temporary access password for a user to enroll in passwordless for Azure Active Directory.
Both passwordless authentication and the temporary access password function must be enabled on the tenant. See AzureAD: Configure Temporary Access Pass in Azure AD to register Passwordless authentication methods
Query String Support
The Add User has the ability to be form filled via URL query strings. This table shows all supported query strings. For example https://yourcipp.app/identity/administration/users/add?customerId=Mydomain.onmicrosoft.com&city=Rotterdam would automatically fill in the city for a user.
customerId
Client Tenant ID(Only required field)
businessPhones
Business Phone Number
city
User City Location
companyName
Company Name
country
Country
department
Department
displayName
Display Name
givenName
First Name
jobTitle
Job Title
mailNickname
Username before the email address part(User<@domain.com>)
mobilePhone
Mobile Phone Number
addedAliasses
Added Aliasses, Multiple allowed via linebreak(%0A)
postalCode
Zip or post code
streetAddress
Address information
surname
Last Name
usageLocation
User location for license, can be left blank for default.
primDomain
User Primary Domain (User<@domain.com>)
MustChangePass
Boolean, default is false.
AutoTask LiveLink
If you want to create your own LiveLink you can use the QueryString below.
Last updated