0
votes

I am trying to export all Azure AD groups, their owners, description, email and group type, such as Office 365, Security or Distribution. I have managed to export everything correctly into a .csv except the group type. Get-AzureADGroup will return only "Group" and I can't get any results from Get-MsolGroup -GroupType.

Script I have been using:

$array = @()
$Properties=@{}
$Properties.add("GroupDisplayName","1")
$Properties.add("OwnerObjectId","2")
$Properties.add("OwnerObjectType","3")
$Properties.add("OwnerUserType","4")
$Properties.add("OwnerUserPrincipalName","5")
$Properties.add("GroupDescription","6")
$Properties.add("Email","7")
$Properties.add("GroupTypes","8")
$groups = Get-AzureADGroup -All $true
$GroupType = Get-MsolGroup -Grouptype
Foreach($group in $groups){

     $Owners = Get-AzureADGroupOwner -ObjectId $group.ObjectId -All $true
     $Properties.GroupDisplayName=$group.DisplayName
     $Properties.GroupDescription=$group.description
     $Properties.Email=$group.mail
     $Properties.GroupTypes=$group.GroupType
     if($Owners -ne $null){
       # group has owner
        Foreach($Owner in $Owners){ 
                $Properties.OwnerObjectId=$Owner.ObjectId
                $Properties.OwnerObjectType=$Owner.ObjectType
                $Properties.OwnerUserType=$Owner.UserType
                $Properties.OwnerUserPrincipalName=$Owner.UserPrincipalName
                $obj=New-Object PSObject -Property $Properties
                $array +=$obj 


        }
     }
     else{
                #group has no owner
                $Properties.OwnerObjectId=$null
                $Properties.OwnerObjectType=$null
                $Properties.OwnerUserType=$null
                $Properties.OwnerUserPrincipalName=$null
                $obj=New-Object PSObject -Property $Properties
                $array +=$obj  



     }

}
$array | export-csv -Path C:\scripts\Owners13.csv -NoTypeInformation -Encoding UTF8
1

1 Answers

0
votes

According to my research, the command Get-MsolGroup is a command of the Azure AD V1 module: MSOnline. But the other commands you use are commands of the Azure AD V2 module: AzureAD. They are in different modules. So if you want to use the command Get-MsolGroup, you need to run the command Connect-MsolService first. For example:

Connect-MsolService
Get-MsolGroup -all | Select-Object DisplayName, GroupType


Besides, if you just want to use the AzureAD module to get the group type, we can use the command Get-AzureADMSGroup to get it. But if we use that command, we need to make some judgments based on the response's properties. For more details, please refer to the document. For example:

Connect-AzureAD
Get-AzureADMSGroup -All $true | Select-Object DisplayName, GroupTypes,MailEnabled, SecurityEnabled

Update

You can use the following script to implement your need.

Connect-AzureAD
$array = @()
$Properties = @{}
$Properties.Add("GroupDisplayName","1")
$Properties.Add("OwnerObjectId","2")
$Properties.Add("OwnerObjectType","3")
$Properties.Add("OwnerUserType","4")
$Properties.Add("OwnerUserPrincipalName","5")
$Properties.Add("GroupDescription","6")
$Properties.Add("Email","7")
$Properties.Add("GroupTypes","8")
$groups = Get-AzureADGroup -All $true

Foreach($group in $groups){

     $Owners = Get-AzureADGroupOwner -ObjectId $group.ObjectId -All $true
     $Properties.GroupDisplayName = $group.DisplayName
     $Properties.GroupDescription = $group.Description
     $Properties.Email = $group.Mail

     # Get-AzureADMSGroup exposes the properties needed to work out the group type
     $result = Get-AzureADMSGroup -Id $group.ObjectId | Select-Object GroupTypes, MailEnabled, SecurityEnabled, DisplayName

     # -contains also handles groups whose GroupTypes list is empty
     if($result.GroupTypes -contains "Unified"){
            $Properties.GroupTypes = "O365"
     }
     elseif($result.SecurityEnabled){
            $Properties.GroupTypes = "Security"
     }
     else{
            $Properties.GroupTypes = "Distribution"
     }

     if($null -ne $Owners){
        # group has owner: one CSV row per owner
        Foreach($Owner in $Owners){
                $Properties.OwnerObjectId = $Owner.ObjectId
                $Properties.OwnerObjectType = $Owner.ObjectType
                $Properties.OwnerUserType = $Owner.UserType
                $Properties.OwnerUserPrincipalName = $Owner.UserPrincipalName
                $obj = New-Object PSObject -Property $Properties
                $array += $obj
        }
     }
     else{
                # group has no owner: single row with empty owner columns
                $Properties.OwnerObjectId = $null
                $Properties.OwnerObjectType = $null
                $Properties.OwnerUserType = $null
                $Properties.OwnerUserPrincipalName = $null
                $obj = New-Object PSObject -Property $Properties
                $array += $obj
     }

}
$array | Export-Csv -Path E:\test.csv -Encoding UTF8 -NoTypeInformation
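
The group-type decision the answer derives from GroupTypes, MailEnabled and SecurityEnabled, written as a standalone function. This is an added example, not part of the original answer: the helper name Get-GroupKind, the extra "Mail-enabled security" and "(dynamic)" labels, and the sample groups are assumptions made for illustration, and it goes beyond the answer's three categories.

```powershell
# Added example: classify a group from the properties Get-AzureADMSGroup returns.
# Get-GroupKind is a hypothetical helper name, not a cmdlet of any module.
function Get-GroupKind {
    param(
        [string[]]$GroupTypes,
        [bool]$MailEnabled,
        [bool]$SecurityEnabled
    )
    # -contains is safe on an empty collection and does not depend on
    # "Unified" being the first entry, unlike indexing with [0].
    if ($GroupTypes -contains 'Unified')            { $kind = 'Microsoft 365' }
    elseif ($MailEnabled -and $SecurityEnabled)     { $kind = 'Mail-enabled security' }
    elseif ($SecurityEnabled)                       { $kind = 'Security' }
    elseif ($MailEnabled)                           { $kind = 'Distribution' }
    else                                            { $kind = 'Unknown' }

    # Dynamic membership is a separate flag carried in the same list.
    if ($GroupTypes -contains 'DynamicMembership') { $kind += ' (dynamic)' }
    return $kind
}

# Constructed sample objects shaped like Get-AzureADMSGroup output (not real data).
$sample = @(
    [pscustomobject]@{ DisplayName = 'Project X';  GroupTypes = @('Unified');                     MailEnabled = $true;  SecurityEnabled = $false }
    [pscustomobject]@{ DisplayName = 'All Staff';  GroupTypes = @('DynamicMembership', 'Unified'); MailEnabled = $true;  SecurityEnabled = $false }
    [pscustomobject]@{ DisplayName = 'VPN Users';  GroupTypes = @();                              MailEnabled = $false; SecurityEnabled = $true }
    [pscustomobject]@{ DisplayName = 'Finance SG'; GroupTypes = @();                              MailEnabled = $true;  SecurityEnabled = $true }
    [pscustomobject]@{ DisplayName = 'Newsletter'; GroupTypes = @();                              MailEnabled = $true;  SecurityEnabled = $false }
)

# Emit one row per group with the derived type next to the raw properties.
$sample | Select-Object DisplayName, MailEnabled, SecurityEnabled, @{
    Name       = 'GroupKind'
    Expression = {
        Get-GroupKind -GroupTypes $_.GroupTypes `
                      -MailEnabled $_.MailEnabled `
                      -SecurityEnabled $_.SecurityEnabled
    }
}
```

To use it on a tenant, replace `$sample` with the output of `Get-AzureADMSGroup -All $true` after `Connect-AzureAD`.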