extensionAttributes – add values via Powershell + CSV file

It is common to have one or multiple extensionAttributes in an Azure AD environment for use with Intune for example. These extensionAttributes can be handled in a couple of different ways when it comes to managing the values set for each of those. For simplicity I’ve created a Powershell script that can add values to multiple predefined extensionAttributes via a CSV file. This makes it more easy to import values on a larger group of users at any specific time or change a value afterwards.

The requirements to run this script is to have the following things ready before using the script:

  1. Created a Azure AD Application beforehand that can store the extenstionAttributes. Please read Microsofts documentation.
  2. Created (at least) one Azure AD Application Extension Property. Please read Microsofts documentation.
  3. The name of the Azure AD Application which we will use in the script (or as a parameter when executing the script).
  4. Created a CSV file which contains the username, extensionAttributeName and extensionAttributeValue of your choice. Please note that the extensionAttributeName must exist in the Azure AD Application. See my CSV template picture below.

Script explanation:

Execute the script as following:

or (if you want to define your Applicationname directly here instead inside the script)


Logs will be written to C:\Windows\Temp\Add-extensionAttributeValue.log and look like the example below:

The script will also write the output directly on screen from where it’s executed:

Down below you will find the code for the script:

The script is highly adoptable and can be changed in a lot of ways to fit your environment. So feel free to use it as you want.

If you have any questions, feel free to email me at tobias.sandberg@xenit.se or comment down below. I will try to answer you as soon as possible.

Disclaimer: All information on this blog is offered "as is" with no warranty. It is strongly recommended that you verify all information and validate all scripts in isolated test environments before using them in production environments.