Automating Microsoft Entra ID User Provisioning with PowerShell
In organizations employing Microsoft Entra ID for identity management, automating user provisioning can streamline administrative tasks and enhance security. This PowerShell script is designed to provision new users in Microsoft Entra ID, allowing administrators to create user accounts and assign necessary roles in one go.
This script will:
1. Create a new user account in Microsoft Entra ID.
2. Assign a specified role to the user.
3. Send a confirmation email with the new account details.
By using this script, you can reduce the time spent on user onboarding processes and minimize manual entry errors.
```powershell
# Import the required module for Microsoft Entra ID and sign in
Import-Module Microsoft.Graph
Connect-MgGraph -Scopes "User.ReadWrite.All", "AppRoleAssignment.ReadWrite.All"

# Parameters for the new user
$userPrincipalName = "[email protected]"   # replace with the new user's UPN
$displayName = "New User"
$password = "P@ssw0rd123" # Consider using a more secure password generation method
$roleId = "role-id-for-assignment"

# Create the new user (-AccountEnabled is a switch, so it takes no value)
$newUser = New-MgUser -UserPrincipalName $userPrincipalName -DisplayName $displayName `
    -AccountEnabled -MailNickname "newuser" -PasswordProfile @{
        ForceChangePasswordNextSignIn = $true
        Password                      = $password
    }

# Assign the user to a role (the cmdlet also needs the principal being assigned)
New-MgUserAppRoleAssignment -UserId $newUser.Id -PrincipalId $newUser.Id `
    -AppRoleId $roleId -ResourceId "resource-id"

# Send a confirmation email
# Note: the body carries the temporary password in clear text, and Send-MailMessage
# is marked obsolete by Microsoft because it does not guarantee an encrypted SMTP connection.
$welcomeEmailBody = @"
Welcome $displayName! Your account has been created. Please log in using:
Username: $userPrincipalName
Password: $password
"@
Send-MailMessage -To $userPrincipalName -From "[email protected]" `
    -Subject "Welcome to Our Organization" -Body $welcomeEmailBody `
    -SmtpServer "smtp.yourdomain.com"

Write-Host "User $displayName has been successfully created and provisioned."
```
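The script's own comment suggests replacing the hard-coded `P@ssw0rd123` with a generated password. One way to do that is sketched below as an added example, not code from the original script. The function names `Get-SecureIndex` and `New-TemporaryPassword` and the character sets are assumptions made for illustration.

```powershell
# Added example: hypothetical helpers, not part of the original script.
function Get-SecureIndex {
    param([System.Security.Cryptography.RandomNumberGenerator]$Rng, [int]$Max)
    # Rejection sampling: discard draws that would bias the modulo result.
    $limit = 4294967296 - (4294967296 % $Max)
    $buf = New-Object byte[] 4
    do {
        $Rng.GetBytes($buf)
        $value = [BitConverter]::ToUInt32($buf, 0)
    } while ($value -ge $limit)
    return [int]($value % $Max)
}

function New-TemporaryPassword {
    param([ValidateRange(12, 128)][int]$Length = 20)
    $classes = @(
        'ABCDEFGHJKLMNPQRSTUVWXYZ',   # look-alike I and O omitted
        'abcdefghijkmnopqrstuvwxyz',  # look-alike l omitted
        '23456789',
        '!#$%*+-=?@_'
    )
    $all = -join $classes
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        # One character from every class so complexity rules are satisfied.
        $chars = @(foreach ($set in $classes) { $set[(Get-SecureIndex $rng $set.Length)] })
        $chars += @(1..($Length - $classes.Count) |
            ForEach-Object { $all[(Get-SecureIndex $rng $all.Length)] })
        # Fisher-Yates shuffle so the guaranteed characters are not at fixed positions.
        for ($i = $chars.Count - 1; $i -gt 0; $i--) {
            $j = Get-SecureIndex $rng ($i + 1)
            $chars[$i], $chars[$j] = $chars[$j], $chars[$i]
        }
        return -join $chars
    }
    finally { $rng.Dispose() }
}

# Drop-in replacement for the fixed $password value used in the script.
$passwordProfile = @{
    ForceChangePasswordNextSignIn = $true
    Password                      = (New-TemporaryPassword)
}
```

Pass `$passwordProfile` to `New-MgUser -PasswordProfile` in place of the inline hashtable. The helpers use only `RandomNumberGenerator.GetBytes`, so they run on both Windows PowerShell 5.1 and PowerShell 7.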