Managing and auditing Microsoft 365 Groups and their memberships is a crucial task for administrators. Having a clear overview of which users belong to which groups is essential for maintaining access controls and ensuring proper collaboration settings within an organization. This guide walks you through a Graph PowerShell script designed to list all Microsoft 365 Groups along with their members, providing administrators with a streamlined way to audit group memberships.
# Ensure the Microsoft Graph PowerShell module is installed and imported
if (-not (Get-Module -ListAvailable -Name "Microsoft.Graph")) {
Install-Module -Name "Microsoft.Graph" -Scope CurrentUser
}
Import-Module Microsoft.Graph
# Function to list all groups with their members
function Get-AllGroupsWithMembers {
try {
# Retrieve all M365 Groups
$groups = Get-MgGroup -All
foreach ($group in $groups) {
Write-Host "Group: $($group.DisplayName)"
Write-Host "Group ID: $($group.Id)"
# Retrieve all members of the group
$members = Get-MgGroupMember -GroupId $group.Id
if ($members.Count -eq 0) {
Write-Host "No members in this group." -ForegroundColor Yellow
} else {
foreach ($member in $members) {
# Check if the member has a UserPrincipalName (for users) or fallback to DisplayName or Id
if ($member.UserPrincipalName) {
Write-Host "Member: $($member.UserPrincipalName)"
} elseif ($member.DisplayName) {
Write-Host "Member: $($member.DisplayName)"
} else {
Write-Host "Member ID: $($member.Id)"
}
}
}
Write-Host "--------------------------------------"
}
} catch {
Write-Host "Error retrieving groups and members: $($_.Exception.Message)" -ForegroundColor Red
}
}
# Run the function
Get-AllGroupsWithMembers
This PowerShell script utilizes the Microsoft Graph PowerShell module to retrieve a full list of all Microsoft 365 Groups and their members. Here’s how each part of the script functions:
This script is designed to handle various member types, ensuring that the correct data is displayed for each.
There are several ways to further enhance this script based on your administrative needs:
$report = @()
foreach ($group in $groups) {
foreach ($member in $members) {
$report += [PSCustomObject]@{
GroupName = $group.DisplayName
MemberName = $member.UserPrincipalName ?? $member.DisplayName ?? $member.Id
}
}
}
$report | Export-Csv -Path "C:\path\to\GroupMembers.csv" -NoTypeInformation
$groups = Get-MgGroup -Filter "groupTypes/any(g:g eq 'Unified')" -All
$owners = Get-MgGroupOwner -GroupId $group.Id
This script provides a simple yet powerful way for administrators to audit Microsoft 365 Group memberships across the organization. By leveraging Microsoft Graph PowerShell, admins can efficiently retrieve and display group and member information, ensuring proper access control and group management. With further customization, such as exporting data to CSV or scheduling regular reports, this script can become a key part of your Microsoft 365 administration toolkit.
Feel free to adapt the script based on your specific needs, and let it help you streamline your group management tasks!
© m365corner.com. All Rights Reserved. Design by HTML Codex