Get Team Members and Their Roles Using Graph PowerShell

Microsoft Teams plays a significant role in fostering collaboration within organizations. For administrators, keeping track of team members and their roles is essential for managing permissions and maintaining security. In this article, we will introduce a simple Graph PowerShell script to help administrators retrieve the members of a specific Team along with their roles. This streamlined approach provides a clear overview of the Team's structure without the need for separate queries.

The Script

Below is the Graph PowerShell script to retrieve the members and their roles of a specified Team in your organization:

# Connect to Microsoft Graph
Connect-MgGraph -Scopes "Group.Read.All", "TeamMember.Read.All"

# Specify the Team ID
$teamId = "7ac400b1-72fe-47a4-b437-57671ca08f86"

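# Retrieve members of the specified Team (-All follows paging so large Teams are not truncated)
$members = Get-MgTeamMember -TeamId $teamId -All
Write-Output "Members of the Team:"
foreach ($member in $members) {
    # Graph returns an empty Roles list for regular members, so label them explicitly
    $roles = if ($member.Roles) { $member.Roles -join ' ' } else { 'member' }
    Write-Output " - $($member.DisplayName) (Role: $roles)"
}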

# Disconnect from Microsoft Graph
Disconnect-MgGraph

How the Script Works

  • Connect-MgGraph: The script starts by connecting to Microsoft Graph with the required permissions to read Team member data (Group.Read.All and TeamMember.Read.All).
  • Team ID: The $teamId variable should be replaced with the actual ID of the Team you want to retrieve the members for.
  • Get-MgTeamMember: This cmdlet fetches the list of members of the specified Team. Each member's role (such as member or owner) is displayed in the output.
  • Display the Members and Roles: The script loops through each member and outputs their display name along with their roles in the Team.
  • Disconnect from Graph: The session with Microsoft Graph is disconnected after the operation to maintain security.

Further Enhancements

  • Export to CSV: Modify the script to export the list of members and their roles to a CSV file for easy reporting or documentation.
  • Bulk Retrieval: Extend the script to loop through multiple Teams and retrieve members for all Teams in your organization.
  • Filter by Role: Add filtering logic to show only members with specific roles (e.g., only owners or only guests).
  • Automated Alerts: Set up an alert system that notifies you when there are changes in the Team's membership, improving security and awareness.
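
The Export to CSV and Automated Alerts ideas above can be combined into a baseline comparison that reports added, removed and role-changed members between two runs. This is an added example, not part of the original script: the function names ConvertTo-MemberRow and Get-TeamMembershipDrift, the sample members and the CSV path are assumptions made for illustration.

```powershell
# Added example; ConvertTo-MemberRow and Get-TeamMembershipDrift are hypothetical names.
function ConvertTo-MemberRow {
    param([Parameter(ValueFromPipeline)] $Member)
    process {
        # Graph leaves Roles empty for regular members, so label them explicitly.
        $role = if ($Member.Roles) { ($Member.Roles | Sort-Object) -join ';' } else { 'member' }
        [pscustomobject]@{ Id = $Member.Id; DisplayName = $Member.DisplayName; Role = $role }
    }
}

function Get-TeamMembershipDrift {
    param([object[]] $Baseline, [object[]] $Current)
    # Index both snapshots by membership Id so the comparison is a simple lookup.
    $old = @{}; foreach ($row in $Baseline) { $old[$row.Id] = $row }
    $new = @{}; foreach ($row in $Current)  { $new[$row.Id] = $row }
    foreach ($id in $new.Keys) {
        if (-not $old.ContainsKey($id)) {
            [pscustomobject]@{ Change = 'Added'; DisplayName = $new[$id].DisplayName; OldRole = ''; NewRole = $new[$id].Role }
        } elseif ($old[$id].Role -ne $new[$id].Role) {
            [pscustomobject]@{ Change = 'RoleChanged'; DisplayName = $new[$id].DisplayName; OldRole = $old[$id].Role; NewRole = $new[$id].Role }
        }
    }
    foreach ($id in $old.Keys) {
        if (-not $new.ContainsKey($id)) {
            [pscustomobject]@{ Change = 'Removed'; DisplayName = $old[$id].DisplayName; OldRole = $old[$id].Role; NewRole = '' }
        }
    }
}

# Constructed sample data standing in for two runs of Get-MgTeamMember.
# In real use: $baseline = Import-Csv <previous export>
#              $current  = Get-MgTeamMember -TeamId $teamId -All | ConvertTo-MemberRow
$baseline = @(
    [pscustomobject]@{ Id = 'm1'; DisplayName = 'Alex Example';  Roles = @('owner') }
    [pscustomobject]@{ Id = 'm2'; DisplayName = 'Blake Example'; Roles = @() }
    [pscustomobject]@{ Id = 'm3'; DisplayName = 'Casey Example'; Roles = @() }
) | ConvertTo-MemberRow
$current = @(
    [pscustomobject]@{ Id = 'm1'; DisplayName = 'Alex Example';  Roles = @('owner') }
    [pscustomobject]@{ Id = 'm2'; DisplayName = 'Blake Example'; Roles = @('owner') }
    [pscustomobject]@{ Id = 'm4'; DisplayName = 'Dana Example';  Roles = @('guest') }
) | ConvertTo-MemberRow

$drift = Get-TeamMembershipDrift -Baseline $baseline -Current $current
$drift | Sort-Object Change, DisplayName | Format-Table -AutoSize
# Persist the current state as the next baseline (path is a placeholder):
# $current | Export-Csv -Path .\team-members-baseline.csv -NoTypeInformation
```

With the sample data, the report lists a new guest, a member promoted to owner and a removed member, which are the changes an access review would want surfaced first.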

Possible Errors & Solutions

| Error | Cause | Solution |
| --- | --- | --- |
| Insufficient privileges to complete the operation. | The account used does not have the required permissions to access the Team member data. | Ensure that your account has the necessary permissions (Group.Read.All, TeamMember.Read.All) to access the data. |
| Resource not found for the segment 'Team'. | The specified Team ID does not exist or is incorrect. | Double-check that the Team ID is correct. Use Get-MgGroup -Filter "resourceProvisioningOptions/Any(x:x eq 'Team')" to list all Teams and find the appropriate ID. |
| Authorization_RequestDenied | The authentication token used by the script does not have the required permissions. | Reconnect to Microsoft Graph using the Connect-MgGraph cmdlet, specifying the correct scopes when prompted. |
| The 'Get-MgTeamOwner' cmdlet does not exist. | There is no specific cmdlet to retrieve owners directly; instead, owners are included in the members list itself. | The script already handles this by displaying the roles of all members, which includes owners. |

Conclusion

This streamlined Graph PowerShell script provides a quick and efficient way to retrieve the members of a specific Microsoft Team and their roles. By leveraging the capabilities of Microsoft Graph, administrators can easily manage and audit Team memberships to ensure the correct people have the appropriate access. Enhancing and customizing this script further can help you automate your Team management tasks and maintain a secure Teams environment.
