Share via

Azure AD Export AD groups

Rising Flight 5,216 Reputation points
2021-01-28T12:25:19.887+00:00

When i go to Azure Active Directory

Home-->Contoso-->users-->Ben
under groups(Preview) i can see all groups for user Ben i.e mail enabled security, security, Distribution,Microsoft 365.
i want to export Group Names, Group Types, Email to csv file for this user. how do i do it.

  1. If i just need to export Distribution groups how do i do.
  2. if i have users in csv file how can i import the csv file and export the output(groups) to csv file from Azure AD powershell

users
******@mydomain.com
******@mydomain.com

Windows for business | Windows Server | User experience | PowerShell
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Windows for business | Windows Server | User experience | Other
0 comments
Accepted answer
  1. Andreas Baumgarten 123.7K Reputation points MVP Volunteer Moderator
    2021-01-29T11:56:43.817+00:00

    Please give it a try:

    $users = Get-Content -Path "$userFile" 
 ForEach ($user in $users)
        {
            $memberships = Get-AzureADUserMembership -ObjectId $user | Where-Object {$_.MailEnabled -eq $true}
            foreach ($membership in $memberships)
                {
                $membershipDisplayName =  $membership.Displayname
                $membershipMailEnabled = $membership.MailEnabled
                $membershipObjectType = $membership.ObjectType
                $membershipSecurityEnabled = $membership.SecurityEnabled
                $membershipMail = $membership.Mail

                $out = "$user,$membershipDisplayName,$membershipMailEnabled,$membershipObjectType,$membershipSecurityEnabled,$membershipMail"
                $out | Out-File -FilePath $outputFile -Append
                }
        }

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    1 person found this answer helpful.
    0 comments

11 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andreas Baumgarten 123.7K Reputation points MVP Volunteer Moderator
    2021-01-28T23:46:04.137+00:00

    Via Azure Portal:
    Export AAD groups works the same like export AAD users:
    https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/users-bulk-download
    You can use the filter before export if required.

    Import AAD users from CSV:
    https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/users-bulk-add

    Via PowerShell:
    Import users
    https://learn.microsoft.com/en-us/powershell/azure/active-directory/importing-data?view=azureadps-2.0

    Export groups:
    https://learn.microsoft.com/de-de/azure/active-directory/enterprise-users/groups-settings-v2-cmdlets

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    0 comments
  2. Rising Flight 5,216 Reputation points
    2021-01-29T04:40:32.87+00:00

    If i have users in csv file will the below syntax work for me

    Names
    ******@mydomain.com
    ******@mydomain.com

    how can i add mail enabled set to true in this synax so that i can pull only distribution groups, unified groups and mail enabled security group.

    import-csv c:\temp\users.csv | % {Get-AzureADUserMembership -ObjectID -identity $_.Names | Select-Object DisplayName, MailEnabled, ObjectType, SecurityEnabled, Mail | Export-Csv -Path C:\Temp\Data.CSV -NoTypeInformation}

    0 comments
  3. Andreas Baumgarten 123.7K Reputation points MVP Volunteer Moderator
    2021-01-29T09:10:18.347+00:00

    You can use Where-Object for filtering the Get-AzureADUserMembership output.

    Just an example (not tested): 

    Get-AzureADUserMembership -ObjectID -identity $_.Names | Where {$_.MailEnabled -eq 'true'} # Where MailEnabled is "true"

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    0 comments
  4. Rising Flight 5,216 Reputation points
    2021-01-29T09:34:02.043+00:00

    when i use the below syntax i am getting error

    Names
    ******@mydomain.com
    ******@mydomain.com

    import-csv C:\Temp\users.csv | % {Get-AzureADUserMembership -ObjectID -identity $.Names | Where {$.MailEnabled -eq 'true'}| Select-Object DisplayName, MailEnabled, ObjectType, SecurityEnabled, Mail | Export-Csv -Path C:\Temp\Data.csv -NoTypeInformation}

    Get-AzureADUserMembership : A positional parameter cannot be found that accepts argument
    '******@mydomain.com'.
    At line:1 char:59

    • import-csv C:\Temp\users.csv | % {Get-AzureADUserMembers ...
    • ~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : InvalidArgument: (:) [Get-AzureADUserMembership], ParameterBindingException
    • FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.Open.AzureAD16.PowerShell.GetUserMemberships
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.