Azure Active Directory Premium: Users and Groups

This is part of a continuing series on Azure Active Directory Premium and Microsoft’s Enterprise Mobility Suite. This post will focus on user and group management from Azure AD.

First, anyone can sign up for a 90-day trial of Azure AD Premium. To do so, log in to your Azure account, select your Azure Active Directory, then select “Azure Active Directory Premium” under the “Explore” area.


This will guide you through enabling the trial.

From here, you can either begin creating your users and groups, or set up a directory sync to your local directory. I am going to walk through creating user and groups manually in this post. A later post will deal with setting up the directory sync.

Creating Users

To create a new user, click “Add User” at the bottom of the page. There are three options – new user, user with existing Microsoft account, and user in another Azure AD. I’m going to stick with new user. Type in a username for the user and click next.


Next, fill out the relevant personal information for the user, including first, last, and display name. Next, select the user’s role. The user role is a regular user. The rest of the roles give the user some sort of management rights over the Azure AD. First is global administrator. This type of user is similar to a domain admin; they can basically do whatever they want in the Azure AD. Next is billing administrator. This user role allows users to make purchases and manage subscriptions. A service administrator can manage service requests and service health within the Azure portal. A user administrator can create and modify users, and a password administrator can reset all user’s passwords. I am going to create a simple user. Fill out this information and proceed to the next page.


Finally, click the “Create” button. This will create the account and assign the user a temporary password. After the account is created, you can email the temporary password to the user. They will be required to change it at their first logon.

After you create the account, you can select the username and view all of the information about the user. Administrators can also modify the information. Included with this information is the Activity tab. Here, you can see all of the places where this user has logged in. This information includes devices and linked SaaS applications.


Just as in on-premises Active Directory, you can create groups for delegating access to things, such as file storage, website access, and database access. With Azure AD, you can also use groups to grant rights to SaaS applications. This is especially helpful if you only have a certain number of licenses for a SaaS application.

To create a group, select the “Groups” tab and click “Add a Group”. Give your group a name and description. You can now select the group and add members. You can also change the group name or description from the “Configure” tab.


All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistant.



Contact Us

On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.