SharePoint Online: Set Active Directory Security Group as Site Collection Administrator using PowerShell

Requirement: Add active directory security group to SharePoint online site collection administrator group.

PowerShell to Add AD Security group as Site Collection Administrator:
Step 1: Get AD Security Group's ID
We need the ID of the AD group first. Use the PowerShell script to retrieve the ID, make sure you have Azure AD module installed.
$GroupName = "Opera"

#Connect to Azure AD
Connect-AzureAD -Credential (Get-Credential)

#Get Security Group's SID
Get-AzureADGroup -SearchString $GroupName | Select DisplayName, ObjectId | Format-table
This script gets IDs of all AD security groups with given name. Copy the ID for the group. Step 2: 

Step 2: Add Active Directory Group to SharePoint Online Site Collection Administrator's Group
Now, Use this PowerShell script to add the AD group as site collection administrator
#Variables
$AdminURL = "https://crescent-admin.sharepoint.com/"
$SiteURL = "https://crescent.sharepoint.com/sites/marketing"
$ADGroupID = "3645e787-4f3e-44da-8b60-4fe9e32c5a24"

$LoginName = "c:0t`.c`|tenant`|$ADGroupID"

Try {
    #Connect to SharePoint Online
   # Connect-SPOService -url $AdminURL -Credential (Get-Credential)
 
    $Site = Get-SPOSite $SiteURL
 
    Write-host -f Yellow "Adding AD Group as Site Collection Administrator..."
    Set-SPOUser -site $Site -LoginName $LoginName -IsSiteCollectionAdmin $True
    Write-host -f Green "Done!"
}
Catch {
    write-host -f Red "Error:" $_.Exception.Message
}
Similarly, You can add AD group to all site collections in the tenant as:
#Import-Module Microsoft.Online.SharePoint.PowerShell

#Variables
$AdminURL = "https://crescent-admin.sharepoint.com/"
$ADGroupID = "3645e787-4f3e-44da-8b60-4fe9e32c5a24"

$LoginName = "c:0t`.c`|tenant`|$ADGroupID"

Try {
    #Connect to SharePoint Online
     Connect-SPOService -url $AdminURL -Credential (Get-Credential)
 
     #Get All Site Collections
     $Sites = Get-SPOSite -Limit ALL -IncludePersonalSite:$False
 
    Foreach ($Site in $Sites)
    {
        Write-host "Adding Site Collection Admin for:"$Site.URL
        Set-SPOUser -site $Site -LoginName $LoginName -IsSiteCollectionAdmin $True | Out-Null
    }
}
Catch {
    write-host -f Red "Error:" $_.Exception.Message
}
add security group to sharepoint online

You can also use PowerShell CSOM script to add site collection administrators SharePoint Online: Add Site Collection Administrator using PowerShell
SharePoint Online: Set Active Directory Security Group as Site Collection Administrator using PowerShell SharePoint Online: Set Active Directory Security Group as Site Collection Administrator using PowerShell Reviewed by Salaudeen Rajack on March 03, 2019 Rating: 5

No comments:

Please Login and comment to get your questions answered!

Powered by Blogger.