xoxidein
Iron Contributor
May 12, 2022
Solved

Can I See Where On-Premises Security Groups Are Used in SharePoint?

We have dozens of Security Groups synced to M365. Some of them are used in SharePoint. I'd like to see where these groups are being used so we can determine if they are still needed.

  • mr_w1nst0n
    Iron Contributor

    xoxidein you have to create a PowerShell script for that.

     

    As a starting point you can use something similar to:

    SharePoint Online: Site Users and Groups Report using PowerShell - SharePoint Diary

     

    If you want to report only On-Premises Groups then you have to adapt the above script:

    • You have to export the list of Groups in Azure AD where source is "Windows Server AD"
    • Save the output in a txt/csv file
    • Adapt the script to match the name of the Groups present in the output file
    • Execute the script on each site collection
    • xoxidein
      Iron Contributor

      mr_w1nst0n Thank you for pointing me in the right direction. I ended up finding a more advanced script and was able to enter a Group, have it return all Sites found in my Tenant and display text next to the one that it found the Site that had the Group present!

      • xoxidein
        Iron Contributor

        For anyone else who comes here, I started using this script:

        https://knowledge-junction.com/2021/10/04/microsoft-365-powershell-script-get-all-sharepoint-sites-where-respective-security-group-has-permissions-using-sharepoint-online-powershell-connecting-tenant-using-username-and-password/

         

        And changed it into this:

        #Number of results
        $numResults = 0
        
        #Intro
        Write-Host ""
        Write-Host "##########################################" -ForegroundColor "Green"  
        Write-Host -NoNewLine "#" -ForegroundColor "Green"  
        Write-Host "                                        #" -ForegroundColor "Green"  
        Write-Host "#  Find Sites That Contain Target Group  #" -ForegroundColor "Green"  
        Write-Host -NoNewLine "#" -ForegroundColor "Green"  
        Write-Host "                                        #" -ForegroundColor "Green"  
        Write-Host "##########################################" -ForegroundColor "Green"  
        Start-Sleep -s 3
        
        #Check to see if the SharePoint Online Module is installed
        Write-Host ""
        Write-Host "Checking for installation of SharePoint Online module..." -ForegroundColor "Yellow"  
        Start-Sleep -s 3
        
        if (Get-Module -ListAvailable -Name Microsoft.Online.SharePoint.PowerShell) {
            Write-Host ""
            Write-Host "SharePoint Online module already installed." -ForegroundColor "Yellow"  
            Start-Sleep -s 3
        } 
        else 
        {
            Write-Host ""
            Write-Host "Installing SharePoint Online module..." -ForegroundColor "Yellow"  
            Start-Sleep -s 3
            Write-Host ""
            Install-Module Microsoft.Online.SharePoint.PowerShell 
        }
        
        #Define Security Group
        Write-Host ""
        Write-Host "Type the name of the target Group: " -ForegroundColor "Yellow" -NoNewLine
        $groupName = Read-Host 
        Start-Sleep -s 3
        
        #Connect to our M365 tenant - Please change here the tenant SharePoint site admin URL
        Write-Host ""
        Write-Host "Connecting to SharePoint Online..." -ForegroundColor "Yellow"  
        Start-Sleep -s 3
        Connect-SPOService "https://site-admin.sharepoint.com/"
        
        #Get all SharePoint sites
        Write-Host ""
        Write-Host "Collecting Sites..." -ForegroundColor "Yellow"
        Start-Sleep -s 3
        $spoSites = Get-SPOSite -Limit All
        
        #Searching every Site for target Group
        Write-Host ""
        Write-Host "Searching Sites..." -ForegroundColor "Yellow"
        Write-Host ""
        Start-Sleep -s 3
        foreach ($spoSite in $spoSites)
        {
        
            Write-Host $spoSite.Url -NoNewline
        
            #Search Groups
            try
            {
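                #-ErrorAction Stop turns a failed lookup into a terminating error so the catch block runs
                $groups = Get-SPOUser -Site $spoSite.Url -Limit All -ErrorAction Stop |
                Where { $_.IsGroup -and $_.DisplayName -ne "Everyone" -and $_.DisplayName -ne "Everyone except external users"} 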
        
                # verifying each group    
                foreach ($group in $groups)
                {
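                    #Check for Group match (Contains is a case-sensitive substring match)
                    if($group.DisplayName.Contains($groupName))
                    {
                        #Site with Group
                        Write-Host " *** Group Found ***" -ForegroundColor "Cyan" -NoNewline  
                        
                        #Add to count
                        $numResults = $numResults + 1

                        #Count each Site once, even if several Groups on it match
                        break
                    }           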
                }        
            }
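            catch
            {
                #Flag Sites that could not be read so they are not mistaken for Sites without the Group
                Write-Host " (could not read Site users)" -ForegroundColor "Red" -NoNewline
            }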
            Write-Host "`r"
        }
        
        #Disconnect from SharePoint Online
        Write-Host ""
        Write-Host "Disconnecting from SharePoint Online" -ForegroundColor "Yellow"
        Disconnect-SPOService
        
        Write-Host ""
        Write-Host "Found " -ForegroundColor "Yellow" -NoNewline 
        Write-Host $numResults -ForegroundColor "Yellow" -NoNewline 
        Write-Host " Site(s) containing " -ForegroundColor "Yellow" -NoNewline 
        Write-Host $groupName -ForegroundColor "Yellow"
        Write-Host ""
        Write-Host "Mission Complete" -ForegroundColor "Green"
        Write-Host ""
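
The four steps listed in mr_w1nst0n's reply, combined with the per-site scan from the script above, as an added example that is not part of the thread or of either linked script. It covers every synced security group in one pass instead of one typed name, and matches on the group's object ID rather than its display name. Assumptions: the Microsoft.Graph.Groups module is installed, `contoso-admin` and the CSV path are placeholders, and SharePoint Online records an Azure AD security group under a LoginName ending in the group's object ID (`c:0t.c|tenant|<object id>`).

```powershell
# Added example, not from the thread. Placeholders: tenant admin URL and output path.
$adminUrl = "https://contoso-admin.sharepoint.com"
$outFile  = ".\SyncedGroupUsage.csv"

# Step 1: groups whose source is "Windows Server AD" have OnPremisesSyncEnabled = true.
# Filtering is done client-side so no advanced Graph query options are needed.
Connect-MgGraph -Scopes "Group.Read.All"
$synced = Get-MgGroup -All -Property Id,DisplayName,OnPremisesSyncEnabled,SecurityEnabled |
    Where-Object { $_.OnPremisesSyncEnabled -and $_.SecurityEnabled }

# Index by object ID (assumed to be the last segment of the SharePoint LoginName).
$byId = @{}
foreach ($g in $synced) { $byId[$g.Id.ToLower()] = $g.DisplayName }

# Steps 2-4: scan every site collection and record each hit or read failure.
Connect-SPOService -Url $adminUrl
$report = foreach ($site in Get-SPOSite -Limit All) {
    try {
        $principals = Get-SPOUser -Site $site.Url -Limit All -ErrorAction Stop |
            Where-Object { $_.IsGroup }
    }
    catch {
        # Keep unreadable sites in the report so they are reviewed by hand
        # instead of being read as "group not used here".
        [pscustomobject]@{ Site = $site.Url; Group = ""; GroupId = ""; Status = "ReadFailed" }
        continue
    }
    foreach ($p in $principals) {
        $id = ($p.LoginName -split '\|')[-1].ToLower()
        if ($byId.ContainsKey($id)) {
            [pscustomobject]@{ Site = $site.Url; Group = $byId[$id]; GroupId = $id; Status = "Found" }
        }
    }
}
Disconnect-SPOService

# Synced groups that never appeared on a readable site are candidates for review.
$usedIds = $report | Where-Object Status -eq "Found" |
    Select-Object -ExpandProperty GroupId -Unique
$unused  = $synced | Where-Object { $usedIds -notcontains $_.Id.ToLower() }

$report | Export-Csv -Path $outFile -NoTypeInformation
"{0} synced security groups, {1} not found on any readable site" -f @($synced).Count, @($unused).Count
$unused | Sort-Object DisplayName | Select-Object DisplayName, Id
```

A group in the unused list is only unused as far as the readable sites show; any `ReadFailed` rows in the CSV have to be checked before a group is retired.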

         
