Users
Interact with Microsoft 365 users.
User management. Equal to and extending Microsoft 365 admin center > Active Users.
Overview
The main table provides an overview of information including display name, email address, licensing, enabled/disabled status, and if the account is AD synchronized. Behind the ellipsis menu user creation date, last sync date, and user GUID are also available.
Actions
Bulk AddInvite GuestAdd UserPer-User Actions:
Account Management Actions
👁 View User
Displays comprehensive user account details in the admin interface
- Read access to user objects - Shows all available user information - Display advanced user account details. [More information]
✏️ Edit User
Modifies user account details and settings: - Basic information - License assignments - Group memberships - Contact details
- Write access to user objects - Can copy group memberships from another user - Changes apply immediately
Delete User
Permanently removes user account
- Administrative privileges required - Irreversible action - Consider backup/archival first
Security Actions
Research Compromised Account
Analyzes Indicators of Compromise (IoC): - Sign-in patterns - Mail rules - Suspicious activities
- Security admin rights - Provides comprehensive security review - Single pane of glass review of common indicators of compromise (IoC) [More information]
Create Temporary Access Password
Creates temporary password for passwordless enrollment
- Time-limited access - Create a temporary password to allow full passwordless enrollment. [More information]
Re-require MFA registration
Forces new MFA setup by: - Resetting MFA status to Enabled - Requiring new registration
- User must complete new MFA setup - Affects all MFA methods - Authentication Methods must be migrated from legacy - You will need Security Defaults or a CA policy and registration campaign to force registration again
Send MFA Push
Sends test MFA prompt to user's devices
- Verifies MFA configuration - Tests user's registered devices
Set Per-User MFA
Configures MFA state: - Enforced - Enabled - Disabled
- Overrides tenant-level settings - Immediate effect on sign-ins
Block Sign In
Prevents account access
- Immediate effect - Doesn't affect existing sessions
Unblock Sign In
Restores account access
- Immediate effect - User can sign in again
Revoke all user sessions
Forces re-authentication on all devices
- Terminates all active sessions - Requires new sign-in everywhere
Password Management
Reset Password (Must Change)
Sets random password and forces change
- User must create new password at next login - Example format: 2WcAu%VMy89P
Reset Password
Sets new random password
- Password immediately active - No change requirement
Mail and Communication
Convert to Shared Mailbox
Transforms user mailbox to shared type
- Requires Exchange Online license - Maintains data and access
Enable Online Archive
Activates archival mailbox
- Requires appropriate license - Additional storage space
Set Out of Office
Configures automatic replies
- Single message for internal/external - No HTML formatting Note: Setting a different internal and external autoreply is currently not supported
Disable Out of Office
Removes automatic replies
- Immediate effect - Clears all auto-reply settings
Disable Email Forwarding
Removes all email forwarding rules
- Clears ForwardingAddress - Clears ForwardingSMTPAddress
OneDrive Management
Pre-provision OneDrive
Initializes OneDrive storage
- No user login required - Speeds up first access
Add OneDrive Shortcut
Creates SharePoint site shortcut
- Adds to OneDrive root - Requires existing OneDrive
Group and Directory Management
Add to Group
Assigns user to specified group(s)
- Immediate membership - Inherits group permissions
Clear Immutable ID
Breaks on-premises AD sync
- Sets onPremisesImmutableId to null - Stops directory synchronization
Information Access
More info
Opens Extended Info panel showing: - Common profile fields - Additional actions
- Quick access to key information - Alternative action access point
Note that clicking one of these actions will present a confirmation modal dialog.
Create Temporary Access Password
Create a temporary access password for a user to enroll in passwordless for Azure Active Directory.
Both passwordless authentication and the temporary access password function must be enabled on the tenant. See AzureAD: Configure Temporary Access Pass in Azure AD to register Passwordless authentication methods
Query String Support
The Add User has the ability to be form filled via URL query strings. This table shows all supported query strings. For example https://yourcipp.app/identity/administration/users/add?customerId=Mydomain.onmicrosoft.com&city=Rotterdam would automatically fill in the city for a user.
customerId
Client Tenant ID(Only required field)
businessPhones
Business Phone Number
city
User City Location
companyName
Company Name
country
Country
department
Department
displayName
Display Name
givenName
First Name
jobTitle
Job Title
mailNickname
Username before the email address part(User<@domain.com>)
mobilePhone
Mobile Phone Number
addedAliasses
Added Aliasses, Multiple allowed via linebreak(%0A)
postalCode
Zip or post code
streetAddress
Address information
surname
Last Name
usageLocation
User location for license, can be left blank for default.
primDomain
User Primary Domain (User<@domain.com>)
MustChangePass
Boolean, default is false.
AutoTask LiveLink
If you want to create your own LiveLink you can use the QueryString below.
Feature Requests / Ideas
We value your feedback and ideas. Please raise any feature requests on GitHub.
Last updated
Was this helpful?