SharePoint Online: Clone User Group Memberships using PowerShell

Requirement: Clone a user’s group permissions to another user in a SharePoint Online Site.

PowerShell to Clone User Group Memberships in SharePoint Online

PowerShell to Clone User’s Group Memberships in SharePoint Online:

It’s a common real-world scenario that when someone leaves the organization, and somebody else takes that role, they want the same permissions! While the requirement sounds simple, it’s cumbersome to achieve it through the web user interface. Basically, you have to go to each group where the source user is a member and add the target user to it. We can automate this task using PowerShell to clone user group memberships from one account to another!

#Function to copy group memberships from one user to another
Function Clone-SPOUserGroupPermission($SiteURL, $SourceUserID, $TargetUserID)
    Try {
        #Get the Site collection
        $Site = Get-SPOSite $SiteURL 
        #Get the Source user
        $SourceUser = Get-SPOUser -Site $Site -LoginName $SourceUserID

        #Get All groups of the source User
        $UserGroups = $SourceUser.Groups
        If($UserGroups.Count -gt 0)
            Write-host -f Yellow "Found the User Member of $($UserGroups.Count) Group(s)..."

            #Loop through each group of the source user and add target user to that group
            ForEach ($Group in $UserGroups)
                #Add Target User to the Group
                Add-SPOUser -Site $Site -LoginName $TargetUserID -Group $Group | out-null    
                Write-Host -f Green "Added $TargetUserID to Group '$Group'"
    Catch {
        Write-host $_.Exception.Message -f Red

#SharePoint Online Admin Center URL
$AdminCenterURL = ""
$SiteURL = ""
$SourceUserID =""
$TargetUserID =""

#Connect to SharePoint Online Admin Center
Connect-SPOService -Url $AdminCenterURL -Credential (Get-Credential)

#Call the Function
Clone-SPOUserGroupPermission -SiteURL $SiteURL -SourceUserID $SourceUserID -TargetUserID $TargetUserID 

You can also use the “Get-SPOSite” cmdlet to get all site collections and call the function to copy the user’s group memberships to another user.

PnP PowerShell to copy User’s Group Permission to Another user

Here is how to clone user memberships in SharePoint Online using PnP PowerShell:

$SiteURL = ""
$SourceUserLoginID = ""
$TargetUserLoginID = ""

Try {
    #Connect to the Source Site
    Connect-PnPOnline -Url $SiteURL -Interactive

    #Get the source User
    $User = Get-PnPUser -Identity "i:0#.f|membership|$UserLoginID"

    #Get all groups of the user
    $UserGroups = $User.Groups | Where {$_.LoginName -notlike "*Limited Access*"}

    #Add Target User to the Groups
    $UserGroups | ForEach-Object {
        Add-PnPGroupMember -LoginName $TargetUserLoginID -Identity $_.LoginName
        Write-host -f Green "Added User to the Group:"$_.LoginName
Catch {
    write-host -f Red "Error:" $_.Exception.Message

What if you want to copy permissions completely from one user to another, instead of just copying group permissions? Because the source user may have permissions at other levels too. E.g., Permission may be granted directly (such as “Full Control”), as a site collection admin, at list/folder/item levels! So, Here is the PowerShell to clone user’s permissions: How to Copy User Permissions in SharePoint Online using PowerShell?

Salaudeen Rajack

Salaudeen Rajack - Information Technology Expert with Two-decades of hands-on experience, specializing in SharePoint, PowerShell, Microsoft 365, and related products. He has held various positions including SharePoint Architect, Administrator, Developer and consultant, has helped many organizations to implement and optimize SharePoint solutions. Known for his deep technical expertise, He's passionate about sharing the knowledge and insights to help others, through the real-world articles!

One thought on “SharePoint Online: Clone User Group Memberships using PowerShell

  • Hi Sir,

    Is there any way to clone user on entire tenant level?



Leave a Reply

Your email address will not be published. Required fields are marked *