Skip to Content
Microsoft 365Entra IDUser Group Membership

User Group Membership

Extract a user’s group memberships and optionally copy them to another user. Useful for onboarding/offboarding.

Usage

Requires an active Microsoft Graph connection:

Connect-MgGraph -Scopes "User.Read.All", "Group.Read.All"

Extract a user’s groups

Replace {userid} with the actual user ID or UPN:

$groupIds = Get-MgUserMemberOf -UserId {userid} | Select-Object -ExpandProperty Id
foreach ($groupId in $groupIds) {
    $group = Get-MgGroup -GroupId $groupId
    Write-Output "Group: $($group.DisplayName)" >> '~/Access.txt'
}

Copy groups from one user to another

Useful when onboarding a new user who should have the same access as an existing team member.

Requires User.ReadWrite.All permissions:

Connect-MgGraph -Scopes "User.ReadWrite.All", "Group.ReadWrite.All"
 
$groupIds = Get-MgUserMemberOf -UserId <sourceUserId> | Select-Object -ExpandProperty Id
foreach ($groupId in $groupIds) {
    New-MgGroupMember -GroupId $groupId -DirectoryObjectId <targetUserId>
}

Replace <sourceUserId> and <targetUserId> with the appropriate user IDs.

Last updated on
Create Security Groups (bulk)Dynamic Group Rules