Change and Delete Office 365 User Accounts with PowerShell
In this Ask the Admin, I’ll show you how to delete Office 365 users, change user properties, and restore users from the recycle bin using Windows PowerShell.
Today I’m going to continue where we left off in Create, List, and Assign Licenses to Office 365 Users with Windows PowerShell on the Petri IT Knowledgebase, with some more basic operations for managing Office 365 user accounts.
As always with PowerShell, before you can use it to manage Office 365, you’ll need to prepare your management PC if you haven’t already done so. Make sure that Microsoft Online Service Sign-in Assistant for IT Professionals RTW and either Azure Active Directory Module for Windows PowerShell (32-bit version) or Azure Active Directory Module for Windows PowerShell (64-bit version) are installed on your management PC.
For more detailed information on setting up PowerShell to manage Office 365, see How to Install the Windows PowerShell Cmdlets for Windows Azure AD and Office 365 on the Petri IT Knowledgebase.
Set or Change Password and UserPrincipalName
There are two specific cmdlets for setting user passwords and the UserPrincipalName parameter: Set-MsolUserPassword and Set-MsolUserPrincipalName respectively. Additionally, Set-MsolUserLicense should be used to change users’ licenses and is covered in my previous article.
First, make sure you are connected to your Office 365 subscription by running the cmdlet below in a PowerShell window, and entering your tenant account credentials when prompted:
To set a randomly generated password for an existing user account, type the cmdlet that follows and press ENTER, replacing email@example.com with the UserPrincipalName for the account on which you want to set a password:
To determine the password yourself and require the user to change it when they log in for the first time:
Don't forget that if you have Office 365 configured to require complex passwords, any password you try to enter using Set-MsolUserPassword, cannot be contained in the password history and must have:
- at least one lowercase character and uppercase character
- at least one non-alphanumeric character
- no spaces, tabs, or line breaks
- between 8-16 characters
Change UserPrincipalNameTo change a user's UserPrincipalName, run Set-MsolUserPrincipalName, replacing the values for –UserPrincipalName and -NewUserPrincipalName as appropriate:
To change any other account parameters, such as FirstName and DisplayName, you'll need to use the Set-MsolUser cmdlet.
Change User Account ParametersTo change a user’s FirstName, LastName and DisplayName properties to match the change in UserPrincipalName that we made above:
Disable a User AccountSet-MsolUser can also be used to disable user accounts:
To get a full list of the properties that can be changed using Set-MsolUser, run:
Delete and Restore User AccountsThe following cmdlet removes firstname.lastname@example.org from the directory, and sends it to the recycle bin. User accounts stay in the recycle bin for thirty days before they are permanently deleted.
Alternatively, you can permanently delete a user account by adding the –RemoveFromRecycleBin parameter:
Restore a User AccountTo get a list of users in the recycle bin:
And to restore a deleted user that's still in the recycle bin:
More in Office 365
Microsoft Launches Office 365 Government Secret Cloud to Handle Classified Data
Jan 31, 2023 | Rabia Noureen
Collaborating with Microsoft 365: File Sharing, Real-Time Co-Authoring, and Microsoft Loop Components
Jan 20, 2023 | Michael Reinders
M365 Changelog: (Updated) Loop components in Outlook Mail Preview
Oct 22, 2022 | Rabia Noureen
How to Schedule an Email in Outlook
Sep 14, 2022 | Siji Roy
ESPC22 Conference Discount for Petri Readers
Sep 6, 2022 | Russell Smith
Microsoft Defender for Office 365 Gets Differentiated Protection for Priority Accounts
Apr 14, 2022 | Rabia Noureen
Most popular on petri