Forum Discussion

Sebastian Mellebeek's avatar
Sebastian Mellebeek
Copper Contributor
Mar 14, 2023

Microsoft Graph API - Get members from cloud only groups

Hey all, 

 

Was wondering if someone has an idea or even the solution to get the members of cloud only groups in Azure AD. 

I achieved showing cloud only groups via:

groups?$select=id,displayName,description,mailNickname,onPremisesSamAccountName,onPremisesSyncEnabled,securityIdentifier&$filter=onPremisesSyncEnabled eq null&$count=true

 

Header contains ConsistencyLevel = eventual as described in (https://learn.microsoft.com/en-us/graph/aad-advanced-queries?tabs=http

 

But for now I can't find a working solution to only show the members for these groups. Someone any idea how to build the query? 

 

With kind regards,

Sebastian Mellebeek

  • eliekarkafy's avatar
    eliekarkafy
    MVP
    Mar 14, 2023
    I will share with you a PowerShell script that retrieve all members for cloud only groups and export it to a CSV file.

    $Groups = Get-AzureADGroup -All $true | Where-Object {$_.GroupType -eq "Unified"}
    $Results = @()
    foreach ($Group in $Groups) {
    if ($Group.SecurityEnabled -eq $false) {
    $Members = Get-AzureADGroupMember -ObjectId $Group.ObjectId
    $Results += $Members | Select-Object @{Name="GroupName"; Expression={$Group.DisplayName}}, DisplayName, UserPrincipalName
    }
    }
    $Results | Export-Csv -Path "CloudOnlyGroupsMembers.csv" -NoTypeInformation
    • Sebastian Mellebeek's avatar
      Sebastian Mellebeek
      Copper Contributor
      Mar 14, 2023
      Hey ElieKarkafy,

      Thanks for the script.

      The thing is that i'm really searching on how to establish this with an ODATA query in Microsoft Graph Explorer.

      Any idea on that part?

      With kind regards,
      Sebastian Mellebeek
      • eliekarkafy's avatar
        eliekarkafy
        MVP
        Mar 14, 2023

        Sebastian Mellebeek try this and let me know if it works

         

        1. Go to the Microsoft Graph Explorer website: https://developer.microsoft.com/en-us/graph/graph-explorer

        2. Sign in with your Microsoft account.

        3. Select the "v1.0" version of the Microsoft Graph API.

        4. In the query box, enter the following URL:

          https://graph.microsoft.com/v1.0/groups?$filter=groupTypes/any(c:c+eq+'Unified')

          This will retrieve all groups in your organization that are cloud-only (i.e., have the "Unified" group type).

        5. Click the "Run query" button.

        6. If there are many groups, you may need to use the $top query parameter to limit the number of results returned. For example, you can add ?$top=50 to the end of the URL to return only the first 50 groups.

        7. For each group returned in the response, you can retrieve the members by adding /members to the end of the group's ID in the id field. For example:

          Replace {group-id} with the ID of the group for which you want to retrieve the members.

        8. If a group has many members, you may need to use the $top query parameter to limit the number of results returned. For example, you can add ?$top=50 to the end of the URL to return only the first 50 members.

        9. If a group has more members than the $top parameter specified, you can use the $skip query parameter to retrieve the next page of results. For example, you can add ?$top=50&$skip=50 to the end of the URL to retrieve the second page of results.

Resources