Microsoft Entra ID User

Once your application has been registered with Microsoft Entra ID (formerly Azure Active Directory), create a user that will be set as the service account when you create an identity store for Microsoft Entra ID in Directory Manager.

Follow the steps to create a user in Microsoft Entra ID:

Step 1 – In the Microsoft Entra Admin Center, go to Microsoft Entra ID > Users and click New User > Create new user.

Step 2 – On the User page:

  • The Basics tab contains the core fields required to create a new user.

    • User principal name: Enter a unique username and select a domain from the menu after the @ symbol. Select Domain not listed if you need to create a new domain. For more information, see Add your custom domain name.
    • Mail nickname: If you need to enter an email nickname that is different from the user principal name you entered, uncheck the Derive from user principal name option, then enter the mail nickname.
    • Display name: Enter the user's name.
    • Password: Provide a password for the user to use during their initial sign-in. Uncheck the Auto-generate password option to enter a different password.
    • Account enabled: This option is checked by default. Uncheck it to prevent the new user from signing in. You can change this setting after the user is created.

    Either select the Review + create button to create the new user or Next: Properties to complete the next section.

  • The Properties tab has some categories of user properties you can provide. These properties can be added or updated after the user is created. The properties are:

    • Identity: Enter the user's first and last name. Set the User type as either Member or Guest.
    • Job information: Add any job-related information, such as the user's job title, department, or manager.
    • Contact information: Add any relevant contact information for the user.
    • Settings: Specify the user's global location.

    Either select the Review + create button to create the new user or Next: Assignments to complete the next section.

  • On the Assignments tab, you can assign the user:

    • an administrative unit
    • group(s): select a group if you want to add the user to one or more existing groups
    • role(s): assign the user the Global administrator role
      Members of this role can create/manage groups, create/manage group settings like naming and expiration policies, and view group activity and audit reports.

    Select the Review + create button.

By default, the Directory Manager Administrator security role in a Microsoft Entra ID identity store binds to Global Administrator. If you use a minimum role assignment for the service account, also change the default Admin Security role criteria to the User Account Administrators group.

The user is created and added to your Microsoft Entra ID tenant.
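The same procedure can be scripted, which also makes it easy to read back exactly which directory roles the service account ends up holding. The following is an added example using the Microsoft Graph PowerShell SDK, not part of the Directory Manager documentation; the user principal name, domain and display name are constructed placeholders, and disabling the forced password change is an assumption for a non-interactive account.

```powershell
# Added example: scripted equivalent of Steps 1-2 (Microsoft Graph PowerShell SDK).
# The UPN, domain and display name below are constructed placeholders.
Connect-MgGraph -Scopes 'User.ReadWrite.All', 'RoleManagement.ReadWrite.Directory'

$upn         = 'svc-directorymanager@contoso.onmicrosoft.com'  # placeholder
$displayName = 'Directory Manager Service Account'              # placeholder
$roleName    = 'Global Administrator'   # role named on the Assignments tab

# Random initial password instead of a hard-coded one. The fixed suffix only
# guarantees the character-class mix; the 24 random bytes carry the entropy.
$bytes = [byte[]]::new(24)
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($bytes)
$password = [Convert]::ToBase64String($bytes) + 'aA1!'

# Basics tab: user principal name, mail nickname, display name, password,
# account enabled.
$user = New-MgUser -UserPrincipalName $upn `
    -MailNickname ($upn.Split('@')[0]) `
    -DisplayName $displayName `
    -AccountEnabled `
    -PasswordProfile @{
        Password                      = $password
        # Assumption: a non-interactive service account cannot complete a
        # forced password change, so it is not requested here.
        ForceChangePasswordNextSignIn = $false
    }

# Assignments tab: look the role up by name rather than hard-coding an ID.
$role = Get-MgRoleManagementDirectoryRoleDefinition -Filter "displayName eq '$roleName'"
if (-not $role) { throw "Role '$roleName' not found in this tenant." }

New-MgRoleManagementDirectoryRoleAssignment -PrincipalId $user.Id `
    -RoleDefinitionId $role.Id -DirectoryScopeId '/' | Out-Null

# Read back every directory role the account now holds, so the privilege
# actually granted is confirmed rather than assumed.
Get-MgRoleManagementDirectoryRoleAssignment -Filter "principalId eq '$($user.Id)'" |
    ForEach-Object {
        (Get-MgRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $_.RoleDefinitionId).DisplayName
    }
```

The generated password stays in `$password` for the session; move it to a secrets vault rather than a script or ticket.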

You can now create an identity store for Microsoft Entra ID in Directory Manager.

Make sure you copy the application ID which is generated by Microsoft Entra ID when the application is registered. This application ID will be required while creating an identity store for Microsoft Entra ID.