Today’s cmdlet: Add-MsolGroupMember

 

If you’re familiar with the Exchange Online cmdlet, get-distributiongroup, you’re also familiar with managing traditional groups using PowerShell.

I wrote “traditional” because the types of distribution groups you may be familiar with are being replaced by Office 365 groups (at least, if Microsoft has any say in it, and it’s a fair bet they do).

I discussed Office 365 groups here; we’ll be detailing more cmdlets that manage that in future posts.

Getting back to Add-MsolGroupMember...

The groups you create using get-distributiongroup, along with synced groups created in Azure by Azure AD Connect (or DirSync, if you’ve been dragging your feet about upgrading), are ultimately homed in Azure AD. The Add-MsolGroupMember cmdlet allows you to ‘talk’ directly to the group object at the root level.

What it’s for: Adding members to Azure groups

How to use it: For example…

Note this example from Microsoft:

Add-MsolGroupMember -GroupObjectId 62f684d7-9ab1-4abc-a543-2257e085bdc6 -GroupMemberType User -GroupMemberObjectId bbb55777-d5aa-499d-abbf-353d4523049f

 

There are a few problems with this example as presented at the Microsoft article:

1.) How do you obtain the GroupObjectId?

2.) How do you obtain the GroupMemberObjectID?

Let’s tackle number one first:

GC C:\a-folder\file-listing-user-principal-names.txt | % {Get-MsolUser -Userprincipalname $_ | Select-Object UserPrincipalName, objectid} | Export-CSV ObjectId-info.CSV -NoTypeInformation

The above uses the get-content command to pipe a listing of user principal names into the command stream, returning ObjectIds and exporting the results to a CSV file.

This gives us a listing of ObjectIds.

To use this data, you can pipe the results into a variable like so:

$users = GC C:\office365-ps\source-files\Your-folder-name\your-file-name.txt

Now, for the second step…

The GroupMemberObjectID is a property of  MSOL groups and can be obtained as follows:

get-msolgroup -all | where {$_.Displayname -eq “Display Name of Your Group”}

It’s important to add the -all switch, otherwise you’ll see this error:

Bringing it all together, you can add a group of users to an MSOL group using the following:

$users | foreach {add-msolgroupmember -groupobjectid your-group-object-id -groupmembertype “user” -GroupMemberObjectId $_}

Note one caveat, which is that you cannot use this syntax to populate a mail-enabled group you created within Exchange Online.

 

Accompanying Cocktail: Aviation

INGREDIENTS

2¼ parts gin
¾ parts Maraschino liqueur
¾ parts lemon juice

Fill up the shaker with ice cubes
add lemon juice, gin and Maraschino liqueur to the shaker
shake well
strain into the cocktail glass

 

 

 

 

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.