Find All Office 365 Group Memberships of a User using PowerShell
Requirement: Get a list of all Microsoft 365 groups where a particular user is a member (or owner!).
How to a Find a Particular User’s All Office 365 Group Memberships?
If you need to find all the Office 365 group memberships that a user is a part of, PowerShell is your best bet. This post will show you how to use PowerShell to find all Office 365 group memberships for a specified user. This can be especially useful if you’re looking to clean up users’ group memberships or simply want to get a better understanding of their overall collaboration environment.
To find out what Office 365 group memberships a user has, do the following:
- Login to Microsoft 365 Admin Center https://admin.microsoft.com
- Under the “Users” tab, search and find the user you are interested in.
- Click on the user name to open user properties >> In the user properties pane, click on “Manage groups” under “Groups”.
- This gets you all Office 365 groups a user is a member of. (Not just Microsoft 365 groups, but also Security groups and Distribution Lists).
PowerShell to Find Users Office 365 Group Memberships
Now, let’s use PowerShell to retrieve the group memberships of a given user.
Prerequisites: Install AzureAD PowerShell Module to Connect to Azure Active Directory from PowerShell
You must have the AzureAD PowerShell module installed. This script installs the AzureAD PowerShell module if it’s installed in your system already. Make sure you are running this as an administrator!
#Check if AzureAD Module is installed
$AzureAD = (Get-Module AzureAD -ListAvailable).Name
Try {
If ($AzureAD -eq $null)
{
Write-host "AzureAD module is unavailable! Installing AzureAd module..." -f Yellow
#Install AzureAD Module
Install-Module AzureAd -Allowclobber -Repository PSGallery -Force
Write-host "AzureAD Module installed to your machine Successfully!" -f Green
}
Else {
Write-host "AzureAD Module is already installed in this system!" -f Yellow
}
}
Catch {
write-host -f Red "`tError:" $_.Exception.Message
}
Once we have the AzureAD PowerShell module installed, use this PowerShell script to find all Office 365 groups where a user is a member and export the data to a CSV file.
Import-Module AzureAd -ErrorAction SilentlyContinue
#Parameters
$UserID = "[email protected]"
$CSVFile = "C:\Temp\GroupMemberships.csv"
Try {
#Connect to Azure AD
Connect-AzureAD -Credential (Get-Credential) | Out-Null
#Get the User
$User = Get-AzureADUser -ObjectId $UserID
#Get User's Group Memberships
$Memberships = Get-AzureADUserMembership -ObjectId $User.ObjectId | Where-object { $_.ObjectType -eq "Group" }
#Export group memberships to a CSV
$Memberships | Select DisplayName, Mail, ObjectId | Export-Csv -LiteralPath $CSVFile -NoTypeInformation
}
Catch {
write-host -f Red "`tError:" $_.Exception.Message
}
Please note that this script gets all group memberships of a given user only when he’s added as a group member. To get all groups where the user is an owner, use the following:
$Ownerships = Get-AzureADUserOwnedObject -ObjectId $User.ObjectId | Where-object { $_.ObjectType -eq "Group" }
Conclusion
In summary, using PowerShell to get the group membership of Office 365 users is a quick and efficient way to gather this information. By using the Get-AzureADUser cmdlet and piping the results to the Get-AzureADUserMembership cmdlet, you can retrieve a list of all the groups that a user is a member of. This can be useful for a variety of purposes, such as reporting, auditing, and managing user access to resources. By following the steps outlined in this tutorial, you can easily use PowerShell to get the group membership of Office 365 users.
This script saved me hours. Thank you!
How can I get the results for multiple users? Can you please help