Back to Documentation

Azure AD PowerShell Commands

Query user properties with Get-AzureADUser

Prerequisites

Install the AzureAD module: Install-Module -Name AzureAD

Connect first: Connect-AzureAD

Basic User Query

PowerShell
# Retrieve the user object based on UPN
$upn = Read-Host 'Enter user email (user@domain.com)'
$user = Get-AzureADUser -Filter "UserPrincipalName eq '$upn'"

# Display all properties of the user
$user | Format-List *

Extended Properties Query

PowerShell
$upn = Read-Host 'Enter user email (user@domain.com)'
$user = Get-AzureADUser -Filter "UserPrincipalName eq '$upn'"
$extensions = Get-AzureADUserExtension -ObjectId $user.ObjectId
$extensions | Format-List

Available Properties Reference

Basic Information

  • ObjectId - Unique identifier
  • UserPrincipalName - User's UPN
  • DisplayName - Display name
  • GivenName - First name
  • Surname - Last name
  • Mail - Email address
  • JobTitle - Job title
  • Department - Department
  • CompanyName - Company name

Contact Information

  • TelephoneNumber - Phone number
  • Mobile - Mobile phone
  • StreetAddress - Street address
  • City - City
  • State - State/Province
  • PostalCode - Postal code
  • Country - Country/Region

Organization

  • Manager - User's manager
  • DirectReports - Direct reports
  • MemberOf - Group memberships

Authentication & Security

  • PasswordPolicies - Password policies
  • PasswordProfile - Password profile
  • AccountEnabled - Account status

Hybrid AD Properties

These properties are available for users synchronized from on-premises Active Directory:

OnPremisesSyncEnabled
OnPremisesLastSyncDateTime
OnPremisesSamAccountName
OnPremisesUserPrincipalName
ImmutableId
ProxyAddresses

Migrating to Microsoft Graph

The AzureAD module is being deprecated. Consider migrating to Microsoft Graph PowerShell for new scripts. See the Microsoft Graph PowerShell guide for equivalent commands.