There are many ways to invite external users and add them as guest users in Azure AD. With Azure AD B2B collaboration, guest users can use Microsoft 365 apps and services much as internal users do. In this post, we will explore how to invite an external user and how to add guest users in bulk to Azure AD using PowerShell.
We can use the New-AzureADMSInvitation cmdlet to send guest user invitations. Install the latest Azure AD PowerShell module and run the following command to connect to Azure AD.
Connect-AzureAD
Summary
- Invite a new external user to Azure AD
- List Guest Users and Check the invitation status
- Bulk Invite Guest Users to Azure AD
- Remove Guest Users from Azure AD
Invite a new external user to Azure AD
Run the following commands to send an invitation to the given guest user account.
$GuestUserName = "Alex Wilber"
$GuestUserEmail = "[email protected]"
New-AzureADMSInvitation -InvitedUserDisplayName $GuestUserName -InvitedUserEmailAddress $GuestUserEmail -InviteRedirectURL https://myapps.microsoft.com -SendInvitationMessage $true
List Guest Users and Check the invitation status
The above commands perform two operations: they send an invitation to the specified external user's email address and add a user object entry for the invited user in Azure AD. We can use the Get-AzureADUser cmdlet to list all the guest users and check whether each one has accepted the invitation (the UserState property).
Get-AzureADUser -Filter "UserType eq 'Guest'" | Select DisplayName, UserState, UserPrincipalName
We can apply a filter with a display name or email address to retrieve the specific guest user details.
Get-AzureADUser -Filter "Mail eq '[email protected]'" | FL
Bulk Invite Guest Users to Azure AD using PowerShell
The New-AzureADMSInvitation cmdlet sends an invite to a single user. In a large environment, we may need to invite external users in bulk. Create the CSV file “GuestUsers.csv” with the column headers UserName and EmailAddress, and add one guest user (username and email address) per row. The script below imports the guest users from the CSV file and sends the external user invitations one by one.
#Read external users from CSV file; @() keeps .Count correct when the file has a single row
$GuestUsers = @(Import-CSV "C:\Temp\GuestUsers.csv")
$i = 0
$TotalUsers = $GuestUsers.Count
#Iterate users and send guest invite one by one
Foreach ($GuestUser in $GuestUsers)
{
    $GuestUserName = $GuestUser.'UserName'
    $GuestUserEmail = $GuestUser.'EmailAddress'
    $i++
    Write-Progress -Activity "Processing $GuestUserName - $GuestUserEmail" -Status "$i out of $TotalUsers completed"
    Try
    {
        #Send invite; -ErrorAction Stop makes any failure reach the catch block
        $InviteResult = New-AzureADMSInvitation -InvitedUserDisplayName $GuestUserName -InvitedUserEmailAddress $GuestUserEmail -InviteRedirectURL https://myapps.microsoft.com -SendInvitationMessage $true -ErrorAction Stop
        Write-Host "Invitation sent to $GuestUserName ($GuestUserEmail)" -f Green
    }
    Catch
    {
        Write-Host "Error occurred for $GuestUserName ($GuestUserEmail)" -f Yellow
        Write-Host $_ -f Red
    }
}
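A pre-flight check for the bulk script above, as an added example that is not part of the original post: it vets each CSV row (name present, well-formed address, domain on an allow-list, no duplicate address) before any invitation is sent. The function name Test-GuestInviteList, the allow-list, and the sample rows using the partner.example domain are assumptions made for illustration.

```powershell
# Added example: vet GuestUsers.csv rows before inviting anyone.
# Test-GuestInviteList and the allow-list are hypothetical, not part of the AzureAD module.
function Test-GuestInviteList {
    param(
        [Parameter(Mandatory)] [object[]] $Rows,
        [Parameter(Mandatory)] [string[]] $AllowedDomains
    )
    # Case-insensitive set so Alex@x and alex@x count as the same address
    $seen = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
    foreach ($row in $Rows) {
        $name   = "$($row.UserName)".Trim()
        $email  = "$($row.EmailAddress)".Trim()
        $reason = $null
        $parsed = $null
        # MailAddress throws on empty or malformed input; leave $parsed as $null in that case
        try { $parsed = [System.Net.Mail.MailAddress]$email } catch { }

        if (-not $name) { $reason = 'Missing UserName' }
        elseif (-not $parsed -or $parsed.Address -ne $email) { $reason = 'Malformed EmailAddress' }
        elseif ($AllowedDomains -notcontains $parsed.Host) { $reason = "Domain '$($parsed.Host)' not on allow-list" }
        elseif (-not $seen.Add($email)) { $reason = 'Duplicate EmailAddress' }

        [pscustomobject]@{
            UserName     = $name
            EmailAddress = $email
            Approved     = ($null -eq $reason)
            Reason       = $reason
        }
    }
}

# Constructed sample rows in the GuestUsers.csv layout (UserName, EmailAddress)
$rows = @'
UserName,EmailAddress
Alex Wilber,alexw@partner.example
Dana Fox,dana@unknown.example
Alex W,ALEXW@partner.example
,sam@partner.example
Pat Lee,pat-at-partner.example
'@ | ConvertFrom-Csv

$checked = Test-GuestInviteList -Rows $rows -AllowedDomains @('partner.example')
$checked | Format-Table -AutoSize

# Only approved rows should be handed to the invitation loop
$approved = @($checked | Where-Object Approved)
Write-Host "$($approved.Count) of $($rows.Count) rows approved for invitation"
```

With the constructed rows, only the first is approved; the rejected rows carry the reason in the Reason column so the CSV can be corrected before the invitation loop runs.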
Remove Guest Users from Azure AD
When a guest user is no longer needed in your organization, you can delete the guest user account from Azure AD. We can use the Remove-AzureADUser cmdlet to delete a user account.
# Syntax
# Remove-AzureADUser -ObjectId "<UPN or Id of the guest user>"
Remove-AzureADUser -ObjectId "alexw_externaldomain.com#EXT#@contoso.onmicrosoft.com"