Export Azure users from specific group and include their membership

Question

Hi!

Does anybody know a good script to export users from an specific/primary group, which will also search and export the users secondary/other groups, which was included in the primary group?

Does anybody also know how to filter to only look for an specific group from the secondary group?

I have found this: https://learn.microsoft.com/en-us/answers/questions/139633/powershell-script-to-export-all-azure-ad-groups-st-1.html#

1, Export the users from X Azure group.
2, Make it look at the users own membership.
3, Filter the users own membership groups so it only looks at Y Azure groups.
4, Export the results ,including the Users primary group aswell as secondary groups.

Answer 1

I do not believe that there is an official guide for this, but there are a number of blog posts and forum threads from people who have found ways to accomplish this.

One of the best ones I've seen so far is this post by Bas Wijdenes that allows you to export both groups and nested groups via Powershell.

$Grp = Get-AzureADGroup -Filter "DisplayName eq '$Group'" -ErrorAction Stop
Members = Get-AzureADGroupMember -ObjectId $Grp.ObjectId -ErrorAction Stop

Get-AzureADNestedGroupMembers -Groups 'GROUPNAME' -ObjectType Users

The full script is listed here on Github.

This other example uses "Get-AzureADGroupMember" and exports the users to a CSV.

Get-AzureADGroupMember -ObjectId 84b18857-3c01-48be-b707-492019c57142 | select UserPrincipalName,ProxyAddresses | Export-Csv -nti example.csv