Forum Discussion

jcasqueiro's avatar
jcasqueiro
Brass Contributor
Sep 19, 2024
Solved

O365 Groups | Removing group membership in bulk for certain groups

Hi, I have a csv list of O365 groups that I want to remove all user memberships from. Does anyone have a script to achieve that? Thanks/Brgds joao
office 365
  • DanaWhite's avatar
    DanaWhite
    Sep 20, 2024

    jcasqueiro 

    From ChatGPT 4o:

    To remove all users from a list of Office 365 groups (specified in a CSV file) using PowerShell, you'll need to:

    1. **Install the Microsoft Online module** to manage Office 365 groups.
    2. **Connect to your Office 365 tenant** using your admin credentials.
    3. **Process the CSV file** and remove the members from the groups listed in it.

    Here’s an example PowerShell script to do this:

    ### Prerequisites:
    - You should have the `AzureAD` or `Microsoft.Graph` module installed.
    - You need admin access to the Office 365 tenant.

    ### CSV Format:
    Your CSV file should contain a list of Group IDs or names in a column, say `GroupName` or `GroupID`.

    ```csv
    GroupName
    Group1
    Group2
    Group3
    ```

    # Import the required module
Import-Module AzureAD

# Sign in to your Office 365 tenant
Connect-AzureAD

# Path to your CSV file
$csvPath = "C:\path\to\your\csvfile.csv"

# Import the CSV containing the list of groups
$groups = Import-Csv -Path $csvPath

# Iterate over each group in the CSV
foreach ($group in $groups) {
$groupName = $group.GroupName # Assuming the column is named GroupName

# Get the Group ID by Group Name
$o365Group = Get-AzureADGroup -SearchString $groupName

if ($o365Group) {
Write-Host "Processing group: $groupName"

# Get all members of the group
$members = Get-AzureADGroupMember -ObjectId $o365Group.ObjectId

foreach ($member in $members) {
# Remove each member from the group
Remove-AzureADGroupMember -ObjectId $o365Group.ObjectId -MemberId $member.ObjectId
Write-Host "Removed member: $($member.UserPrincipalName) from group: $groupName"
}
} else {
Write-Host "Group $groupName not found"
}
}

# Disconnect from Azure AD
Disconnect-AzureAD

     

    ### Explanation:
    1. **Connect-AzureAD**: Establishes a connection to your Office 365 tenant.
    2. **Import-Csv**: Loads the CSV containing the list of group names.
    3. **Get-AzureADGroup**: Retrieves the Office 365 group based on the name in the CSV.
    4. **Get-AzureADGroupMember**: Retrieves all members of the group.
    5. **Remove-AzureADGroupMember**: Removes each member from the group.
    6. **Disconnect-AzureAD**: Closes the session after processing.

    Make sure to update the `$csvPath` variable to the correct path of your CSV file.

    ### Microsoft Graph Alternative:
    If you are using Microsoft Graph, the steps would be similar, but you will use `Microsoft.Graph` module cmdlets instead. Let me know if you need a script for that too!

jcasqueiro's avatar
jcasqueiro
Brass Contributor
Sep 20, 2024
Hi Dana,
Thanks. If you could share the ms graph script it would be great (I am transitioning to graph when possible).
All the best
joao
DanaWhite's avatar
DanaWhite
Brass Contributor
Dec 29, 2025

From ChatGPT 4o:

Here is a **Microsoft Graph PowerShell** version of the script to remove all users from a list of Microsoft 365 groups defined in a CSV file.

## ✅ Prerequisites

### 1. Install and Import Microsoft Graph Module (once per environment):

Install-Module Microsoft.Graph -Scope CurrentUser
Import-Module Microsoft.Graph

> You must have the following **Graph API permissions**:

* `Group.Read.All`
* `GroupMember.ReadWrite.All`

## 2. CSV Format

Ensure your CSV has a column named `GroupName` or `GroupId`. Example:

GroupName
HR Team
IT Support
Marketing

> Prefer using `GroupId` if available (it's more accurate), otherwise use `GroupName` with caution (it may return multiple matches).

---

# Import the Microsoft Graph module
Import-Module Microsoft.Graph

# Connect to Microsoft Graph with proper scopes
Connect-MgGraph -Scopes "Group.ReadWrite.All", "User.Read.All"

# Load CSV containing groups
$csvPath = "C:\path\to\groups.csv"
$groups = Import-Csv -Path $csvPath

foreach ($entry in $groups) {
    $groupName = $entry.GroupName

    # Fetch the group by display name
    $group = Get-MgGroup -Filter "displayName eq '$groupName'" -ConsistencyLevel eventual -CountVariable count

    if ($group -eq $null) {
        Write-Host "Group '$groupName' not found." -ForegroundColor Yellow
        continue
    }

    $groupId = $group.Id
    Write-Host "Processing group: $groupName ($groupId)" -ForegroundColor Cyan

    # Paginate through all members
    $members = Get-MgGroupMember -GroupId $groupId -All

    if ($members.Count -eq 0) {
        Write-Host "No members found in group." -ForegroundColor Gray
        continue
    }

    foreach ($member in $members) {
        try {
            Remove-MgGroupMemberByRef -GroupId $groupId -DirectoryObjectId $member.Id
            Write-Host "Removed: $($member.Id)" -ForegroundColor Green
        } catch {
            Write-Host "Failed to remove member: $($member.Id) - $_" -ForegroundColor Red
        }
    }
}

# Disconnect session
Disconnect-MgGraph

 Notes

* The script uses the `Get-MgGroup` cmdlet with a filter on `displayName`. This can return **multiple groups** if names are not unique. You may want to refine it or use `GroupId` instead.
* To ensure full pagination of group members, the script uses `-All` with `Get-MgGroupMember`.

 

 

Resources