This post discusses how can we see who is the owner of the office 365 group (Unified Group) or Azure AD group
We can see this information either using the Azure AD PowerShell module or using the Exchange
Online PowerShell module In this post I will cover the method using AzureAD PowerShell method
Connect to AzureAD.
Now once we have the object ID we can get the owner details using below CMD.
Or to make it easier, create a function and add to your function kitty to call it any time.
We can see this information either using the Azure AD PowerShell module or using the Exchange
Online PowerShell module In this post I will cover the method using AzureAD PowerShell method
Connect to AzureAD.
Now get the group, we can use the search string option, search string option supports short string and full email address as well as showing in the example below.PS:5 >Connect-AzureAD
PS:5 >Get-AzureADGroup -SearchString "Test" ObjectId DisplayName Description -------- ----------- ----------- 5e3c1eaf-27d2-4c2a-a5a1-9f282c3c93ea Test Test 5e1d3557-0a43-4db1-8f84-e82942377524 test5 all team members PS:10 >Get-AzureADGroup -SearchString "Test@Brocode.gq" ObjectId DisplayName Description -------- ----------- ----------- 5e3c1eaf-27d2-4c2a-a5a1-9f282c3c93ea Test Test
Now once we have the object ID we can get the owner details using below CMD.
[C:\] PS:6 >Get-AzureADGroupOwner -ObjectId 5e3c1eaf-27d2-4c2a-a5a1-9f282c3c93ea ObjectId DisplayName UserPrincipalName UserType -------- ----------- ----------------- -------- 6456ac07-efa9-424f-b5d8-d22b536ab048 Admin Admin@Brocode.onmicrosoft.com Member 0aaf7760-210c-42fb-8e44-6ee587e2153d Prateek Nayyar nayyar.prateek@Brocode.gq Member
To short this full exercise we can combine them using something like this.
PS:13 >Get-AzureADGroupOwner -ObjectId $(Get-AzureADGroup -SearchString "Test@Brocode.gq").ObjectID
ObjectId DisplayName UserPrincipalName UserType -------- ----------- ----------------- -------- 6456ac07-efa9-424f-b5d8-d22b536ab048 Admin Admin@Brocode.onmicrosoft.com Member 0aaf7760-210c-42fb-8e44-6ee587e2153d Prateek Nayyar nayyar.prateek@Brocode.gq Member
PS:14 >function GetO365GroupOwner ($O365Group) {Get-AzureADGroupOwner -ObjectId $(Get-AzureADGroup -SearchString $O365Group).ObjectID}
PS:15 >GetO365GroupOwner -O365Group test@brocode.gq ObjectId DisplayName UserPrincipalName UserType -------- ----------- ----------------- -------- 6456ac07-efa9-424f-b5d8-d22b536ab048 Admin Admin@Brocode.onmicrosoft.com Member 0aaf7760-210c-42fb-8e44-6ee587e2153d Prateek Nayyar nayyar.prateek@Brocode.gq Member
Further to get the owner of multiple groups or all groups you can loop them tough this CMD.
Below script gets all the groups which are mail-enabled, to target the o365 group you just need the mail-enabled or likewise if you don't need the mail-enabled and need the security group only you can skip the mail-enabled.
$Groups = Get-AzureADGroup -All $true $groups = $Groups | ? {$_.mailenabled -ne $false} $report= @() foreach ($group in $Groups) { Write-host "Processting Group: $($group.DisplayName)" $owners = Get-AzureADGroupOwner -ObjectId $group.objectID $data = $owners | Select @{n="GroupName";E={$group.DisplayName}}, ` @{n="GroupEmailAddress";E={$group.mail}}, ` @{n="OwnerDisplayName";E={$_.DisplayName}}, ` @{n="OwnerEmailAddress";E={$_.UserPrincipalName}} $report+=$data } $report | Export-csv "O365Group-Owner-Details.csv" -notype
Comments
Post a Comment