Managing Users in Microsoft Entra ID: The Essential Guide for Confident MS-102 Administrators

by

Managing users in Microsoft Entra ID is one of the core responsibilities of a Microsoft 365 administrator. Every identity in your tenant — whether cloud-only, hybrid, or guest — must be created, secured, licensed, monitored, and eventually removed properly. Managing Users in Microsoft Entra ID ensures that all users are accounted for and managed effectively.

For the MS-102 Microsoft 365 Administrator exam, user management is not just about clicking “Create User.” It includes:

Understanding and managing users in Microsoft Entra ID is crucial for efficient administration.

  • Creating users
  • Editing properties
  • Assigning licenses
  • Resetting passwords
  • Unlocking accounts
  • Managing guest users
  • Monitoring sign-ins
  • Restoring deleted accounts

This guide walks through each task clearly and practically.

Managing Users in Microsoft Entra ID

Where to Manage Users

Users can be managed from two locations:

1️⃣ Microsoft 365 Admin Center

With Managing Users in Microsoft Entra ID, you can also monitor security and access.

Users → Active Users

Each section of this guide emphasizes the importance of Managing Users in Microsoft Entra ID for security and compliance.

2️⃣ Microsoft Entra Admin Center (Recommended)

Entra ID → Users

The process of Managing Users in Microsoft Entra ID should be clear and straightforward.

For identity-focused tasks, the Entra Admin Center is preferred.

Creating a Cloud-Only User (Step-by-Step)

Most lab and many production users in Microsoft 365 are cloud-only (not synced from on-premises AD).

Create a User in the Microsoft 365 Admin Center

  1. Go to Users Active users

Utilizing best practices in Managing Users in Microsoft Entra ID will enhance your security posture.

In conclusion, Managing Users in Microsoft Entra ID is fundamental to your role.

  1. Click Add a userA screenshot of a computerAI-generated content may be incorrect.
  2. Fill in:
    • First name & Last name
    • Display name
    • Username (e.g., john@yourdomain.com)
    • Choose Auto-generate password or set a custom password
    • Select Require this user to change their password on first sign-in

Effective Managing Users in Microsoft Entra ID includes creating and maintaining user accounts.

Considerations for Managing Users in Microsoft Entra ID are essential for compliance.

  1. Click on Next
  2. Assign a location
  3. Assign licenses (e.g., Microsoft 365 E3)
  1. Select which Apps should be assigned
  1. Click on Next
  2. In the Optional Settings page, enter profile info like designation, department, phone number, etc.
  3. Click Finish adding

Create User in Entra Admin Center

  1. In https://entra.microsoft.com,
  2. Go to Identity Users All users
  1. Click New user Create new user
  1. Provide:
    • User principal name (UPN)
    • Name
    • Initial password
  • Provide:
  1. First Name
  2. Last Name
  3. Job Information
  1. Optionally assign:
    • Groups
    • Roles
  1. Click Review + Create
  2. Click Create

Viewing and Editing User Properties

Select a user → Review these sections:

  • Overview
  • Properties
  • Assignments
  • Licenses
  • Groups
  • Roles

Common changes administrators make:

  • Job title
  • Department
  • Manager
  • Usage location
  • Office location

Usage location must be set before license assignment.

Assigning Licenses to Users

Licensing was covered in detail in Chapter 5. Here’s how it ties to user management:

  1. Open a user in Active users
  2. Go to Licenses and apps
  1. Select or unselect:
    • Microsoft 365 E3/E5
    • Standalone services or add-ons
  1. Toggle specific apps (Teams, SharePoint, etc.) ON or OFF
  1. Save changes

A user without a license:

  • Cannot access services such as Exchange, Teams, and SharePoint
  • Might still authenticate, but see limited apps

Resetting Passwords

Password issues are one of the most common support requests.

Microsoft Entra Hybrid Identity Models Explained showing PHS, PTA and Federation authentication methods
Master Microsoft Entra Hybrid Identity Models (PHS vs PTA vs Federation) – Complete MS-102 Guide

Resetting a User Password

  1. In Admin Center Users Active users
  2. Select the user
  3. Click Reset password
  1. Choose whether to:
    • Auto-generate a password
    • Manually set a password
  1. Share the new password securely with the user

Unlocking Accounts

If you suspect compromise or need to disable access:

  1. Open the user in Active users
  2. Click Block sign-in
  1. Choose Block this user from signing in
  1. Save changes

To restore access, set it back to Allow sign-in.

Signing the User Out of All Sessions

To force the user to re-authenticate:

  • In the user’s details, use Sign out of all sessions
  • The user will be logged out of browser sessions and apps over time

Managing Guest Users

Guest users are external identities invited to your tenant.

To invite a guest:

  1. Entra ID → Users
  2. New user → Invite external user
  3. Enter external email
  4. Send invitation

Guests can:

  • Access Teams
  • Collaborate in SharePoint
  • Join groups

Guest access must align with security policies.

  1. Go to https://entra.microsoft.com
  2. Navigate to Entra ID Users All users Drop down New user Invite external userA screenshot of a computerAI-generated content may be incorrect.
  3. Fill in Basic details and Review + Invite
  • Client email ID
  • Client Display name
  • Welcome message

Bulk User Operations

For larger environments, managing users one by one is inefficient.

Bulk Add Users (CSV)

  1. In Admin Center Users Active users
  2. Click Add multiple users
  1. Download the CSV template
  2. Fill in:
    • Usernames
    • Names
    • Usage location
    • Initial passwords (optional)
  3. Upload the CSV and complete the wizard

Bulk Edit Users

You can select multiple users and:

  • Assign/removal of licenses in bulk
  • Block/Unblock sign-in
  • Change usage location

For advanced automation, organisations will use:

  • PowerShell (e.g., Connect-MgGraph, New-MgUser)
  • Microsoft Graph API

Deleted Users and Account Recovery

When a user is deleted:

  • Account enters “soft delete” state
  • Retained for 30 days

Restoring a Deleted User

  1. Go to Users Deleted users
  2. Select the user
  1. Click Restore user
  1. Optionally reassign licenses

Mailbox and OneDrive content can often be recovered after a restore (depending on retention policies).

After 30 days, the account is permanently deleted and cannot be recovered without a backup or exceptional retention.

Understanding retention is important for MS-102.

Monitoring User Sign-Ins

Sign-in logs are located in:

Entra ID → Sign-in Logs

Here you can review:

3D infographic of Microsoft 365 Organizational Settings menu showing Services, Security & Privacy, and Org Profile sections for MS-102 exam preparation
The Ultimate Guide to 60 Microsoft 365 Organizational Settings (MS-102)
  • Successful logins
  • Failed attempts
  • Location
  • Device
  • Risk level

Sign-in logs are heavily referenced in identity troubleshooting scenarios.

Managing Group Membership

Users often receive:

  • Licenses
  • Access
  • Permissions

through group membership.

Create a Group

  1. Open the user in Entra Admin Center
  2. Go to the Groups tab
  1. Select the group that you want to create
  1. Add a Microsoft 365 group
  1. Fill in basic details
    • Microsoft Group Name
    • Description: For what this group is used for
  1. Add Assign owners
  1. Add members
  1. Fill in
    • Group email address
    • Privacy: Public or Private
  1. Review and Click Create Group

To manage:

  1. Open user
  2. Select Groups
  3. Add or remove membership

Group-based licensing and Conditional Access depend on this.

Managing Users in Microsoft Entra ID: Best Practices

Apply Least Privilege

Do not assign unnecessary admin roles.

Enforce MFA

All users should be protected with Multi-Factor Authentication.

Use Naming Standards

Consistent username format prevents confusion.

Disable Before Deleting

If an employee leaves:

  1. Block sign-in
  2. Remove license
  3. Preserve data
  4. Then delete

Why Managing Users in Microsoft Entra ID Matters for MS-102

User management is central to:

  • Identity lifecycle
  • Access control
  • Security enforcement
  • Compliance
  • Automation

Exam scenarios often describe:

One key aspect of Managing Users in Microsoft Entra ID is resolving access issues promptly.

  • A user unable to access Teams
  • A mailbox not provisioning
  • A compromised account
  • A guest access issue

Nearly all these issues start with identity configuration.

Final Insights

Managing users in Microsoft Entra ID is not just administrative work it is identity governance.

Every user represents:

  • A potential security risk
  • A licensing decision
  • An access boundary
  • A compliance responsibility

When you understand user lifecycle management deeply, you move beyond account creation and begin managing identity strategically.

If you’re new to this learning series, start with the main MS-102 Microsoft 365 Administrator overview, where we explain how all chapters connect and what skills you’ll build across the journey.

For the most accurate and up-to-date exam objectives and reference material, Microsoft maintains the official MS-102 documentation on Microsoft Learn. This series complements those resources by focusing on real-world administrative understanding.

In the next chapter, we will explore: Multi-Factor Authentication (MFA) and Authentication Methods

That is where identity protection becomes active defense.

As you advance through this guide, remember that Managing Users in Microsoft Entra ID offers unique insights into identity management.

Leave a Comment

© 2026 TechCertGuide.Blog. All rights reserved.