Bulk User Maintenance in Microsoft Entra ID
Cloud and systems engineer with a strong foundation in networking, automation, and infrastructure design. I write about real-world challenges, best practices, and evolving trends in cloud computing, system administration, and network architecture.
π 1. Prerequisites
Roles needed: Global Administrator or User Administrator.
Tooling options:
Microsoft Entra admin center (GUI).
Microsoft Graph PowerShell (scripting).
Data format: CSV (Comma-Separated Values).
π₯ 2. Bulk User Creation
π CSV Template Rules
Row 1 β Version number (mandatory).
Row 2 β Column headings:
- Example:
Name [displayName] Required
- Example:
Row 3 β Example values (must be deleted before upload).
From Row 4 β Your real user entries.
Required columns:
NameUserPrincipalNameInitialPasswordBlockSignIn (Yes/No)
β οΈ Rules & Warnings:
Never delete or modify rows 1β2.
Donβt add new columns (ignored).
Remove any leading/trailing spaces (causes failures).
Passwords must comply with tenant password policy.
π GUI Steps
Go to Microsoft Entra admin center β Users β All Users.
Click Bulk operations β Bulk create.
Download CSV template, fill with user info, save as
.csv.Upload CSV β Validate β Fix errors (if any).
Submit β Microsoft 365 processes the file.
Check results in Bulk operation results page.
π‘ Scale: Supports 50,000+ users in one operation (can run up to 1 hour).
β 3. Bulk User Deletion
π CSV Template Rules
Row 1 β Version number.
Row 2 β Column:
UserPrincipalName [userPrincipalName] Required.Row 3 β Example (
chris@contoso.com) β must be removed.From Row 4 β Actual users to delete.
β οΈ Rules:
Cannot edit/remove first 2 rows.
Only UPN required.
Always download the latest template.
π GUI Steps
Go to Entra admin center β Users β All Users.
Select Bulk operations β Bulk delete.
Download CSV template β Add UPNs.
Upload CSV β Validate β Submit.
Check results in Bulk operation results.
π 4. Bulk User Restore (for Deleted Users)
Location: Users β Deleted users.
Template difference:
Requires ObjectID instead of UPN.
(ObjectID is the GUID assigned to each user).
π GUI Steps
In Entra admin center β Users β Deleted users.
Click Bulk restore.
Download CSV template β Add ObjectIDs.
Upload β Validate β Submit.
Check results in Bulk operation results.
β οΈ Same CSV rules: cannot modify first 2 rows, no extra columns.
β‘ 5. Verify Bulk User Operations
β Entra Admin Center
Go to Users β All Users.
Confirm new users appear (or are removed/restored).
β PowerShell (Microsoft Graph)
Install and connect:
Install-Module Microsoft.Graph -Scope CurrentUser Import-Module Microsoft.Graph.Identity.DirectoryManagement Connect-MgGraph -Scopes 'User.Read.All'Check users:
Get-MgUser -Filter "UserType eq 'Member'"
βοΈ 6. Bulk Creation via PowerShell
Connect with write permissions:
Connect-MgGraph -Scopes 'User.ReadWrite.All'Prepare your CSV file with headers:
UserPrincipalName,FirstName,LastName,DisplayName,UsageLocation,AccountSkuId,Password ClaudeL@contoso.com,Claude,Loiselle,Claude Loiselle,US,contoso:ENTERPRISEPACK,User.pw1AccountSkuId= License type (e.g., ENTERPRISEPACK for E3).Passwordmust meet policy.
Run PowerShell:
Import-Csv -Path "C:\NewAccounts.csv" | foreach { New-MgUser -DisplayName $_.DisplayName ` -GivenName $_.FirstName ` -Surname $_.LastName ` -UserPrincipalName $_.UserPrincipalName ` -UsageLocation $_.UsageLocation ` -LicenseAssignmentStates $_.AccountSkuId ` -PasswordProfile $_.Password } | Export-Csv -Path "C:\NewAccountResults.csv"
π§Ύ 7. Exam & Real-World Key Points
Templates differ:
Bulk Create β Needs Name, UPN, Password, Sign-in status.
Bulk Delete β Only needs UPN.
Bulk Restore β Needs ObjectID.
First 2 rows of CSV must remain unchanged.
Errors are logged in a downloadable file.
Scale: Supports very large user batches (50k+).
Verification: Always check via GUI or PowerShell.
Best Practice:
Always download the latest template.
Test with a small batch before full bulk operation.
Keep a backup CSV (especially before deletion).
