M365Corner

🔧 New: User Management Graph PowerShell Toolkit

Simplify user tasks like bulk creation, updates, password resets, deletions, license checks & more — all from one place.

🚀 Launch Toolkit
M365 PowerShell

Email All Microsoft 365 Group Owners Report with Graph PowerShell

Knowing who owns which Microsoft 365 groups is critical for security, governance, and lifecycle management. This Graph PowerShell script automates the process by pulling the owners of all Unified Groups and emailing a formatted report to the administrator.


Script – Get All Unified Group Owners and Mail the Report

# Connect to Microsoft Graph
Connect-MgGraph -Scopes "Group.Read.All", "User.Read.All", "Mail.Send"
                                
# Define admin mailbox to send report
$adminEmail = "samadmin@7xh7fj.onmicrosoft.com"  # Replace with your actual admin email
$fromUser = "samadmin@7xh7fj.onmicrosoft.com"    # The mailbox from which the email will be sent
                                
# Fetch all Unified Groups
$groups = Get-MgGroup -All -Property Id, DisplayName, GroupTypes | Where-Object {
$_.GroupTypes -contains "Unified"
}
                                
Write-Host "Found $($groups.Count) unified groups. Collecting owners..." -ForegroundColor Cyan
                                
# Build HTML table
$html = "<html><body>"
$html += "<h3>Microsoft 365 Group Owners Report</h3>"
$html += "<table border='1' cellpadding='5' cellspacing='0'>"
$html += "<tr><th>Group Name</th><th>Owner Name</th><th>Owner Email</th></tr>"
                                
foreach ($group in $groups) {
$owners = Get-MgGroupOwner -GroupId $group.Id -ErrorAction SilentlyContinue
                                
if ($owners) {
    foreach ($owner in $owners) {
        $ownerName = $owner.AdditionalProperties.displayName
        $ownerEmail = $owner.AdditionalProperties.mail
        $html += "<tr><td>$($group.DisplayName)</td><td>$ownerName</td><td>$ownerEmail</td></tr>"
    }
} else {
    $html += "<tr><td>$($group.DisplayName)</td><td colspan='2'>No owner assigned</td></tr>"
}
}
                                
$html += "</table></body></html>"
                                
# Construct the email body
$emailBody = @{
    Message = @{
        Subject = "Microsoft 365 Group Owners Report"
        Body = @{
            ContentType = "HTML"
            Content = $html
        }
        ToRecipients = @(
        @{
            EmailAddress = @{
            Address = $adminEmail
        }
        }
        )
     }
    SaveToSentItems = $true
}

# Send the email
Send-MgUserMail -UserId $fromUser -BodyParameter $emailBody

Write-Host "`nâś… Group owner report emailed to $adminEmail" -ForegroundColor Green


How the Script Works

  1. Connects to Microsoft Graph

    2. The script begins with a secure connection to Microsoft Graph using the necessary delegated scopes:

    • Group.Read.All to read group details
    • User.Read.All to access user metadata
    • Mail.Send to email the report
  2. Fetches All Unified Groups

    3. Only Microsoft 365 Groups (GroupTypes -contains "Unified") are selected using Get-MgGroup.

  3. Gets Owners for Each Group

    4. Each group is processed using Get-MgGroupOwner. If one or more owners exist, their names and emails are extracted; otherwise, a placeholder row is added for “No owner assigned.”

  4. Emails an HTML Report

    5. An HTML table is dynamically built and inserted into the body of the email. The message is sent from the admin’s mailbox to themselves.


Further Enhancements

Here are a few ways you could expand the script:

  • Export Report to CSV

    • You can write the same owner data to a .csv file for archival or upload:

    $report | Export-Csv -Path "GroupOwnersReport.csv" -NoTypeInformation
  • Include Group Members

    • Extend the logic to include both owners and members, building a nested or dual table layout.

  • Automate the Script

    • Run it on a weekly or monthly schedule using Windows Task Scheduler or Azure Automation.

  • Upload to SharePoint or Teams

    • Send the HTML or CSV report to a Teams channel or SharePoint site using Graph API endpoints.


Possible Errors & Solutions

Error Cause Solution
Access Denied Missing Graph permissions Use Connect-MgGraph with "Group.Read.All", "User.Read.All", "Mail.Send"
MailboxNotEnabled Sender doesn’t have a mailbox Ensure $fromUser has an Exchange Online mailbox
AdditionalProperties is null Owner object isn’t a user Filter for users only or handle empty properties gracefully
No owner assigned appears frequently Some groups lack assigned owners Use governance policies to assign owners automatically

Conclusion

This Graph PowerShell script gives administrators instant visibility into who owns what across all Microsoft 365 groups. By emailing a readable and neatly formatted report, it helps streamline governance reviews and boosts organizational transparency.

🛡️ With just a few lines of code, you get actionable insight into group ownership — straight to your inbox


Table of Contents

X

Table of Contents

Graph PowerShell Explorer Widget

20 Graph PowerShell cmdlets with easily accessible "working" examples.


Permission Required

Example:


                

                

                

                

                

            

        

    


 
            

        

    

    
    
    
    

        

            © m365corner.com. All Rights Reserved.
            Design by HTML Codex