My question is, does a cmdlet exist that does the equivalent function of Get-ADPrincipalGroupMembership for M365 or AzureAD, and if not is there a way to achieve a similar functionality without enumerating and comparing every single group in a tenant.
I administrate a large number of Microsoft 365 tenants as well as local Active Directory for many companies. As part of this I frequently have to add/move/change user accounts. I have automated a fair amount of these changes via PowerShell with the Msol and ExchangeOnline modules. I have run into a road block however with updating a single user's group memberships. For on-premise AD, there exists the Get-ADPrincipalGroupMembership cmdlet, which allows me to specify a user and then returns all groups they are part of. I want to do the same thing with M365 and groups of all types (distribution, security, M365, etc.) but have been unable to find a cmdlet in any module that can do this.
I have looked at using the Get-MsolGroups and the Get-UnifiedGroups cmdlets to enumerate the entire tenant's groups to an array, then use Get-MsolGroupMember and the Get-UnifiedGroupLinks to run a comparison of every single member of every group against the user I am looking for. This method is overly complex, and drastically increases program runtime as it scans through many thousands of entries just to find the 5 or 10 I'm looking for.
I know this is possible at least in some sense, because both the AzureAD and the general M365 admin center GUI's are able to instantly pull up all of a user's group memberships when looking at the account. It may just be Microsoft has not yet built/made available a PowerShell cmdlet that utilizes this functionality.
Any insight would be appreciated!
Thanks