It might sound like a simple question however the reality is far from simple when it comes to Azure AD management via PowerShell commands and scripts.
Before I answer this question, let’s remember that Azure Active Directory is probably one of the first services Microsoft 365 started with. Without Azure, AD users and organisation identities cannot exist on Microsoft 365 or Azure.
Azure AD has three PowerShell modules capable of managing it to some degree and a full degree on Windows and other platforms at its current state, configuration and history. Below are all the modules that are currently supported:
- Msonline – Original and first PowerShell module release that allowed AD management using PowerShell.
- AzureAD – 2nd released and recommended module, run on Windows only (No PowerShell 7 support)
- Az PowerShell – Run on all platforms (PowerShell 7) however it is missing many options and doesn’t allow full management of Azure AD.
Capabilities
At this stage, you are probably asking yourself, why do we have 3 modules for managing a single service? The answer lies in the table below, which shows what you can and can’t do with each module.
| Module | Platform | Functionality |
| msonline | Windows | Full |
| AzureAD | Windows | Full |
| Az | All platforms | Semi |
If you look at the table closely, you can understand that the AzureAD module tops them all. It is the only module that offers full management capabilities of Azure AD via PowerShell. The downside of the AzureAD module is that it is based on PowerShell 5.1 and runs on Windows OS only, which can be a pain if you have a macOS or a Linux machine.
Unfortunately, Microsoft has not yet ported all the commands to the Az module or made AzureAD PowerShell 7 compatible to allow all platforms to run the module.
My feeling is that in the future, the AzureAD module will be PowerShell 7 based.
The Az module is also capable of managing Azure AD; however, the number of commands is less, which result in limited management capabilities. If you need to create, add and delete users, the Az module will do the job. However, anything beyond that will be challenging.
Installation
When it comes to installation, all modules are accessible via the PowerShell Gallery using the following commands.
Install-Module MSOnline
Install-Module azuread
Install-Module az
Recommendation
My recommendation is that you use the AzureAD module for an end to end Azure AD management and only use the Az module if you don’t have a Windows machine.
When it comes to the Msonline module, it is not recommended to use it since it was last updated back in 2019, and all commands have been ported to the AzureAD module.