AzureRM (NetCore): how to remove multiple users from Azure AD

When removing a directory (tenant) from Azure AD it’s necessary to clean the directory before it’s even possible to remove it.

Removing multiple users from the portal is a time consuming business: only batches of 7 users a time are supported. So removing them via PowerShell is the way to go. As I was performing this task in the evening and didn’t have my Windows laptop at hand I used my Mac.

First of all be sure you have your PowerShell Core updated on the Mac (install the pkg from Nuget https://github.com/PowerShell/PowerShell or use brew cask install powershell).

After that you have to install the AzureRM modules, you can do this with the following command:

Install-Module -Name AzureRM.Netcore -Scope CurrentUser

If you get a segmentation error be sure to upgrade your PowerShell (check the version with the following command: $PSVersionTable)

Check if the AzureRM modules are installed:

Get-Module -ListAvailable

Make a connection to Azure with:

Login-AzureRMAccount

The following text will appear:

WARNING: Microsoft Azure PowerShell collects data about how users use PowerShell cmdlets and some problems they encounter. 
Microsoft uses this information to improve our PowerShell cmdlets. Participation is voluntary and when you choose to participate 
your device automatically sends information to Microsoft about how you use Azure PowerShell.

If you choose to participate, you can stop at any time by using Azure PowerShell as follows:

Use the Disable-AzureDataCollection cmdlet to turn the feature Off. The cmdlet can be found in the AzureRM.Profile module
To disable data collection: Disable-AzureDataCollection

If you choose to not participate, you can enable at any time by using Azure PowerShell as follows:

Use the Enable-AzureDataCollection cmdlet to turn the feature On. The cmdlet can be found in the AzureRM.Profile module

To enable data collection: Enable-AzureDataCollection

Select Y to enable data collection [Y/N]:

WARNING: You choose not to participate in Microsoft Azure PowerShell data collection. WARNING: The setting profile has been 
saved to the following path '/Users/username/.config/Windows Azure Powershell/AzureDataCollectionProfile.json'. 
WARNING: To sign in, use a web browser to open the page https://aka.ms/devicelogin and enter the code XXXXXXXXX to authenticate.

Make sure you browse to the link in the above text and enter the code so you can start working with PowerShell on your Azure account.

You will receive a message on which subscription you are connected.

Choose your tenant by running the following command:

Select-AzureRmSubscription –TenantId "GUID-Of-Tenant"

Again you will get a confirmation that you are connected to the selected tenant.

By running the following command you retrieve a list of all the users in your Directory:

Get-AzureRmADUser

We will now run this command and convert the users in this directory in a variable so we can double check:

$users = Get-AzureRmADUser

With echo $users.Count we print the number of users in our collection. If we want to add an extra step to check before we remove these users we can use the following command:

foreach ($user in $users) {echo $user.UserPrincipalName}

Ok, now it’s time to remove them all by using this command:

foreach ($user in $users) {Remove-AzureRMAduser -UPNOrObjectId $user.UserPrincipalName -Force}

Happy PowerShelling 😊

Daniel Nikolic

Is interested in everything connected to technology. Has a passion for cloud, virtualization and software development. Always finds appropriate IT solutions for customers that match their needs strategically, technically and financially.


Core qualities

Quick thinker, result driven, ambitious, customer-friendly, enthusiastic

Hobbies
Running, listening to music, good food and doing fun things with family

Job description
CTO PepperByte, LoadGen, and BlueParq

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *