Remove user membership from azure active directory

Question

How to remove membership of all users from each group except domain group in active directory using power shell script.

Answer 1

@AbeerHayatKhan-1870

You can use below commands to remove users from all Azure AD groups.

Import-Module AzureAD
$Credential = Get-Credential
Connect-AzureAD -Credential $Credential

$userID = 'user object ID'
$Groups = Get-AzureADUserMembership -ObjectId $userID
foreach($Group in $Groups.ObjectId){
Remove-AzureADGroupMember -ObjectId $Group -MemberId $userID
}

OR you can also use below script,

Connect-AzureAD
Connect-ExchangeOnline

$userid = (Get-AzureADuser -objectid "******@testdomain.test").objectid

$Groups = Get-AzureADUserMembership -ObjectId $userID
foreach($Group in $Groups){
try {
Remove-AzureADGroupMember -ObjectId $Group.ObjectID -MemberId $userID -erroraction Stop
}
catch {
write-host "$($Group.displayname) membership cannot be removed via Azure cmdlets."
Remove-DistributionGroupMember -identity $group.mail -member $userid -BypassSecurityGroupManagerCheck # -Confirm:$false
}
}

Note: remove the comment before the Confirm parameter to skip confirmation.

Reference article: https://stackoverflow.com/questions/73689473/remove-azuread-user-from-all-groups-powershell#:~:text=Considering%20that%20Azure%20AD%20group,to%20meet%20the%20OP's%20requirements.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Answer 2

Can you please rephrase your question as it's hard to understand what exactly you are trying to achieve? Is the goal to remove a user (or all users?) from all groups? In AD or Azure AD? Here's a sample script I wrote a while back which you can use to bulk remove users from all Azure AD groups: https://www.michev.info/Blog/Post/2161/script-to-remove-users-from-all-groups-in-office-365