Set-User

 

Applies to: Exchange Online, Exchange Server 2016

This cmdlet is available in on-premises Exchange Server 2016 and in the cloud-based service. Some parameters and settings may be exclusive to one environment or the other.

Use the Set-User cmdlet to modify user attributes. You can use this cmdlet to modify all objects that have user accounts (for example, user mailboxes, mail users, and user accounts).

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.

Set-User -Identity <UserIdParameter> [-AllowUMCallsFromNonUsers <None | SearchEnabled>] [-Arbitration <SwitchParameter>] [-AssistantName <String>] [-AuthenticationPolicy <AuthPolicyIdParameter>] [-CertificateSubject <MultiValuedProperty>] [-City <String>] [-Company <String>] [-Confirm [<SwitchParameter>]] [-CountryOrRegion <CountryInfo>] [-CreateDTMFMap <$true | $false>] [-Department <String>] [-DisplayName <String>] [-DomainController <Fqdn>] [-Fax <String>] [-FirstName <String>] [-GeoCoordinates <GeoCoordinates>] [-HomePhone <String>] [-IgnoreDefaultScope <SwitchParameter>] [-Initials <String>] [-LastName <String>] [-LinkedCredential <PSCredential>] [-LinkedDomainController <String>] [-LinkedMasterAccount <UserIdParameter>] [-Manager <UserContactIdParameter>] [-MobilePhone <String>] [-Name <String>] [-Notes <String>] [-Office <String>] [-OtherFax <MultiValuedProperty>] [-OtherHomePhone <MultiValuedProperty>] [-OtherTelephone <MultiValuedProperty>] [-Pager <String>] [-Phone <String>] [-PhoneticDisplayName <String>] [-PostalCode <String>] [-PostOfficeBox <MultiValuedProperty>] [-PublicFolder <SwitchParameter>] [-RemotePowerShellEnabled <$true | $false>] [-ResetPasswordOnNextLogon <$true | $false>] [-SamAccountName <String>] [-SeniorityIndex <Int32>] [-SimpleDisplayName <String>] [-StateOrProvince <String>] [-StreetAddress <String>] [-TelephoneAssistant <String>] [-Title <String>] [-UMCallingLineIds <MultiValuedProperty>] [-UMDtmfMap <MultiValuedProperty>] [-UserPrincipalName <String>] [-WebPage <String>] [-WhatIf [<SwitchParameter>]] [-WindowsEmailAddress <SmtpAddress>]

This example sets the display name for user Jill Frank.

Set-User -Identity Contoso\Jill -DisplayName "Jill Frank"

This example unlinks the linked mailbox Kweku@fabrikam.com and converts it to a user mailbox by setting the LinkedMasterAccount parameter to $null.

importantImportant:
Performing this procedure on a linked mailbox removes all permissions on the mailbox such as Send As, Full Access, folder, and calendar delegation.
Set-User -Identity Kweku@fabrikam.com -LinkedMasterAccount $null

The Set-User cmdlet contains no mail-related properties for mailboxes or mail users. To modify the mail-related properties for a user, you need to use the corresponding cmdlet based on the object type (for example, Set-Mailbox or Set-MailUser).

You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Recipient Provisioning Permissions" section in the Recipients Permissions topic.

 

Parameter Required Type Description

Identity

Required

Microsoft.Exchange.Configuration.Tasks.UserIdParameter

The Identity parameter specifies the user that you want to modify. You can use any value that uniquely identifies the user.

For example:

  • Name

  • Display name

  • Distinguished name (DN)

  • Canonical DN

  • GUID

AllowUMCallsFromNonUsers

Optional

Microsoft.Exchange.Data.Directory.Recipient.AllowUMCallsFromNonUsersFlags

The AllowUMCallsFromNonUsers parameter specifies whether to exclude the user from directory searches.

Arbitration

Optional

System.Management.Automation.SwitchParameter

This parameter is available only in on-premises Exchange 2016.

The Arbitration parameter specifies that the mailbox for which you are executing the command is an arbitration mailbox. Arbitration mailboxes are used for managing approval workflow. For example, an arbitration mailbox is used for handling moderated recipients and distribution group membership approval.

AssistantName

Optional

System.String

The AssistantName parameter specifies the name of the user's assistant.

AuthenticationPolicy

Optional

Microsoft.Exchange.Configuration.Tasks.AuthPolicyIdParameter

PARAMVALUE: AuthPolicyIdParameter

CertificateSubject

Optional

Microsoft.Exchange.Data.MultiValuedProperty

This parameter is available only in on-premises Exchange 2016.

The CertificateSubject parameter specifies the value of the subject field of the user's digital certificate.

City

Optional

System.String

The City parameter specifies the user's city.

Company

Optional

System.String

The Company parameter specifies the user's company.

Confirm

Optional

System.Management.Automation.SwitchParameter

The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.

  • Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: -Confirm:$false.

  • Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.

CountryOrRegion

Optional

Microsoft.Exchange.Data.Directory.CountryInfo

The CountryOrRegion parameter specifies the user's country or region.

CreateDTMFMap

Optional

System.Boolean

The CreateDTMFMap parameter specifies whether to create a dual-tone multiple-frequency (DTMF) map for the recipient. This allows the recipient to be identified by using a telephone keypad in Unified Messaging (UM) environments. Valid values are:

  • $true   A DTMF map is created for the recipient. This is the default value.

  • $false   A DTMF map isn't created for the recipient.

Department

Optional

System.String

The Department parameter specifies the user's department.

DisplayName

Optional

System.String

The DisplayName parameter specifies the display name of the user. The display name is visible in the Exchange admin center and in Active Directory. The maximum length is 256 characters. If the value contains spaces, enclose the value in quotation marks (").

DomainController

Optional

Microsoft.Exchange.Data.Fqdn

This parameter is available only in on-premises Exchange 2016.

The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com.

Fax

Optional

System.String

The Fax parameter specifies the user's fax number.

FirstName

Optional

System.String

The FirstName parameter specifies the user's first name.

GeoCoordinates

Optional

Microsoft.Exchange.Data.GeoCoordinates

The GeoCoordinates parameter specifies the user's physical location in latitude, longitude, and altitude coordinates. Use this parameter to specify the global position of physical resources, such as conference rooms. You have to specify one of the following sets of coordinates; use semicolons to separate the values.

  • Latitude and longitude; for example, "47.644125;-122.122411"

  • Latitude, longitude, and altitude; for example, "47.644125;-122.122411;161.432"

HomePhone

Optional

System.String

The HomePhone parameter specifies the user's home telephone number.

IgnoreDefaultScope

Optional

System.Management.Automation.SwitchParameter

This parameter is available only in on-premises Exchange 2016.

The IgnoreDefaultScope switch tells the command to ignore the default recipient scope setting for the Exchange Management Shell session, and to use the entire forest as the scope. This allows the command to access Active Directory objects that aren't currently available in the default scope.

Using the IgnoreDefaultScope switch introduces the following restrictions:

  • You can't use the DomainController parameter. The command uses an appropriate global catalog server automatically.

  • You can only use the DN for the Identity parameter. Other forms of identification, such as alias or GUID, aren't accepted.

Initials

Optional

System.String

The Initials parameter specifies the user's middle initials.

LastName

Optional

System.String

The LastName parameter specifies the user's last name.

LinkedCredential

Optional

System.Management.Automation.PSCredential

This parameter is available only in on-premises Exchange 2016.

The LinkedCredential parameter specifies credentials to use to access the domain controller specified by the LinkedDomainController parameter.

You can only use the LinkedCredential parameter with a linked user.

This parameter requires you to create a credentials object by using the Get-Credential cmdlet. For more information, see Get-Credential.

LinkedDomainController

Optional

System.String

This parameter is available only in on-premises Exchange 2016.

The LinkedDomainController parameter specifies the domain controller in the forest where the user account resides, if this user is a linked user. The domain controller in the forest where the user account resides is used to get security information for the account specified by the LinkedMasterAccount parameter.

This parameter is required only if you're connecting a linked user.

LinkedMasterAccount

Optional

Microsoft.Exchange.Configuration.Tasks.UserIdParameter

This parameter is available only in on-premises Exchange 2016.

The LinkedMasterAccount parameter specifies the master account in the forest where the user account resides, if this user is a linked user. The master account is the account to which the user links. The master account grants access to the user. You can use one of the following values:

  • GUID

  • DN

  • Domain\Account

  • UPN

  • LegacyExchangeDN

  • SmtpAddress

  • Alias

  • $null

If you set this parameter's value to $null, you will unlink the account and convert the linked mailbox into a non-linked user mailbox. The mailbox won't retain the permissions previously set on it such as Send As, full access, folder, and calendar delegation.

This parameter is required only if you're connecting a linked user.

Manager

Optional

Microsoft.Exchange.Configuration.Tasks.UserContactIdParameter

The Manager parameter specifies the user's manager.

MobilePhone

Optional

System.String

The MobilePhone parameter specifies the user's primary mobile phone number.

Name

Optional

System.String

The Name parameter specifies the unique name of the user. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks (").

Notes

Optional

System.String

The Notes parameters specifies additional information about the object. If the value contains spaces, enclose the value in quotation marks (").

Office

Optional

System.String

The Office parameter specifies the user's physical office name or number.

OtherFax

Optional

Microsoft.Exchange.Data.MultiValuedProperty

The OtherFax parameter specifies the user's alternative fax number.

OtherHomePhone

Optional

Microsoft.Exchange.Data.MultiValuedProperty

The OtherHomePhone parameter specifies the user's alternative home telephone number.

OtherTelephone

Optional

Microsoft.Exchange.Data.MultiValuedProperty

The OtherTelephone parameter specifies the user's alternative telephone number.

Pager

Optional

System.String

The Pager parameter specifies the user's pager number.

Phone

Optional

System.String

The Phone parameter specifies the user's office telephone number.

PhoneticDisplayName

Optional

System.String

The PhoneticDisplayName parameter specifies an alternate spelling of the user's name that's used for text to speech in Unified Messaging (UM) environments. Typically, you use this parameter when the pronunciation and spelling of the user's name don't match. The maximum length is 256 characters. If the value contains spaces, enclose the value in quotation marks (").

PostalCode

Optional

System.String

The PostalCode parameter specifies the user's zip code or postal code.

PostOfficeBox

Optional

Microsoft.Exchange.Data.MultiValuedProperty

The PostOfficeBox parameter specifies the user's post office box number.

PublicFolder

Optional

System.Management.Automation.SwitchParameter

The PublicFolder switch specifies that the user is a public folder mailbox. This switch is required to only when you change the settings of public folder mailboxes. You don't need to specify a value with this switch.

Public folder mailboxes are specially designed mailboxes to store the hierarchy and content of public folders.

RemotePowerShellEnabled

Optional

System.Boolean

The RemotePowerShellEnabled parameter specifies whether the user has access to remote PowerShell. Remote PowerShell access is required to open the Exchange Management Shell or the Exchange admin center (EAC), even if you're trying to open the Exchange Management Shell or the EAC on the local Mailbox server. Valid values are:

  • $true   The user has access to remote PowerShell.

  • $false   The user doesn't have access to remote PowerShell.

The default value depends on the management roles that are assigned to the user.

ResetPasswordOnNextLogon

Optional

System.Boolean

The ResetPasswordOnNextLogon parameter specifies whether the user must change their password the next time they log on. Valid values are:

  • $true   The user is required to change their password the next time they log on.

  • $false   The user isn't required to change their password the next time they log on. This is the default value.

SamAccountName

Optional

System.String

This parameter is available only in on-premises Exchange 2016.

The SamAccountName parameter (also known as the pre-Windows 2000 user account or group name) specifies an object identifier that's compatible with older versions of Microsoft Windows client and server operating systems. The value can contain letters, numbers, spaces, periods (.), and the characters !, #, $, %, ^, &, -, _, {, }, and ~. The last character can't be a period. Unicode characters are allowed, but accented characters may generate collisions (for example, o and ö match). The maximum length is 20 characters.

SeniorityIndex

Optional

System.Int32

The SeniorityIndex parameter specifies the order in which this user will display in a hierarchical address book. A user with a value of 2 will display higher in an address book than a user with a value of 1.

SimpleDisplayName

Optional

System.String

UNRESOLVED_TOKEN_VAL(PD_SimpleDisplayName)

StateOrProvince

Optional

System.String

The StateOrProvince parameter specifies the user's state or province.

StreetAddress

Optional

System.String

The StreetAddress parameter specifies the user's physical address.

TelephoneAssistant

Optional

System.String

This parameter is available only in on-premises Exchange 2016.

The TelephoneAssistant parameter specifies the telephone number of the user's assistant.

Title

Optional

System.String

The Title parameter specifies the user's title.

UMCallingLineIds

Optional

Microsoft.Exchange.Data.MultiValuedProperty

This parameter is available only in on-premises Exchange 2016.

The UMCallingLineIds parameter specifies telephone numbers or extensions that can be mapped to a Unified Messaging (UM)-enabled user. You can specify more than one telephone number for each user, separated by a comma. This parameter accepts digits less than 128 characters in length and may include an optional plus sign (+) preceding the numbers. Each UM-enabled user must have a unique UMCallingLineIds parameter value.

UMDtmfMap

Optional

Microsoft.Exchange.Data.MultiValuedProperty

The UMDtmfMap parameter specifies the dual-tone multiple-frequency (DTMF) map values for the recipient. This allows the recipient to be identified by using a telephone keypad in Unified Messaging (UM) environments. Typically, these DTMF values are automatically created and updated, but you can use this parameter to make changes manually. This parameter uses the following syntax:

  • emailAddress:<integers>

  • lastNameFirstName:<integers>

  • firstNameLastName:<integers>

To enter values that overwrite all existing entries, use the following syntax: emailAddress:<integers>,lastNameFirstName:<integers>,firstNameLastName:<integers>.

If you use this syntax and you omit any of the DTMF map values, those values are removed from the recipient. For example, if you specify only emailAddress:<integers>, all existing lastNameFirstName and firstNameLastName values are removed.

To add or remove values without affecting other existing entries, use the following syntax: @{Add="emailAddress:<integers>","lastNameFirstName:<integers>","firstNameLastName:<integers>"; Remove="emailAddress:<integers>","lastNameFirstName:<integers>","firstNameLastName:<integers>"}.

If you use this syntax, you don't need to specify all of the DTMF map values, and you can specify multiple DTMF map values. For example, you can use @{Add="emailAddress:<integers1>","emailAddress:<intgers2>} to add two new values for emailAddress without affecting the existing lastNameFirstName and firstNameLastName values.

UserPrincipalName

Optional

System.String

This parameter is available only in on-premises Exchange 2016.

The UserPrincipalName parameter specifies the logon name for the user account. The UPN uses an email address format <username>@<domain>. Typically, the <domain> value is the domain where the user account resides.

WebPage

Optional

System.String

The WebPage parameter specifies the user's Web page.

WhatIf

Optional

System.Management.Automation.SwitchParameter

The WhatIf switch simulates the actions of the command. You can use this switch to view the changes that would occur without actually applying those changes. You don't need to specify a value with this switch.

WindowsEmailAddress

Optional

Microsoft.Exchange.Data.SmtpAddress

The WindowsEmailAddress parameter specifies the Windows email address for this recipient. This is a common Active Directory attribute that's present in all environments, including environments without Exchange. Using the WindowsEmailAddress parameter on a recipient has one of the following results:

  • In on-premises environments where the recipient is subject to email address policies (the EmailAddressPolicyEnabled property is set to the value True for the recipient), the WindowsEmailAddress parameter has no effect on the WindowsEmailAddress property or the primary email address value.

  • In cloud environments or in on-premises environments where the recipient isn't subject to email address policies (the EmailAddressPolicyEnabled property is set to the value False for the recipient), the WindowsEmailAddress parameter updates the WindowsEmailAddress property and the primary email address to the same value.

The WindowsEmailAddress property is visible for the recipient in Active Directory Users and Computers in the E-mail attribute. The attribute common name is E-mail-Addresses, and the Ldap-Display-Name is mail. If you modify this attribute in Active Directory, the recipient's primary email address is not updated to the same value.

To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn’t accept input data.

To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn’t return data.

 
Show: