Forum Discussion
O365 Groups | Removing group membership in bulk for certain groups
Hi,
I have a csv list of O365 groups that I want to remove all user memberships from.
Does anyone have a script to achieve that?
Thanks/Brgds
joao
From ChatGPT 4o:
To remove all users from a list of Office 365 groups (specified in a CSV file) using PowerShell, you'll need to:
1. **Install the Microsoft Online module** to manage Office 365 groups.
2. **Connect to your Office 365 tenant** using your admin credentials.
3. **Process the CSV file** and remove the members from the groups listed in it.Here’s an example PowerShell script to do this:
### Prerequisites:
- You should have the `AzureAD` or `Microsoft.Graph` module installed.
- You need admin access to the Office 365 tenant.### CSV Format:
Your CSV file should contain a list of Group IDs or names in a column, say `GroupName` or `GroupID`.```csv
GroupName
Group1
Group2
Group3
```# Import the required module Import-Module AzureAD # Sign in to your Office 365 tenant Connect-AzureAD # Path to your CSV file $csvPath = "C:\path\to\your\csvfile.csv" # Import the CSV containing the list of groups $groups = Import-Csv -Path $csvPath # Iterate over each group in the CSV foreach ($group in $groups) { $groupName = $group.GroupName # Assuming the column is named GroupName # Get the Group ID by Group Name $o365Group = Get-AzureADGroup -SearchString $groupName if ($o365Group) { Write-Host "Processing group: $groupName" # Get all members of the group $members = Get-AzureADGroupMember -ObjectId $o365Group.ObjectId foreach ($member in $members) { # Remove each member from the group Remove-AzureADGroupMember -ObjectId $o365Group.ObjectId -MemberId $member.ObjectId Write-Host "Removed member: $($member.UserPrincipalName) from group: $groupName" } } else { Write-Host "Group $groupName not found" } } # Disconnect from Azure AD Disconnect-AzureAD### Explanation:
1. **Connect-AzureAD**: Establishes a connection to your Office 365 tenant.
2. **Import-Csv**: Loads the CSV containing the list of group names.
3. **Get-AzureADGroup**: Retrieves the Office 365 group based on the name in the CSV.
4. **Get-AzureADGroupMember**: Retrieves all members of the group.
5. **Remove-AzureADGroupMember**: Removes each member from the group.
6. **Disconnect-AzureAD**: Closes the session after processing.Make sure to update the `$csvPath` variable to the correct path of your CSV file.
### Microsoft Graph Alternative:
If you are using Microsoft Graph, the steps would be similar, but you will use `Microsoft.Graph` module cmdlets instead. Let me know if you need a script for that too!
3 Replies
From ChatGPT 4o:
To remove all users from a list of Office 365 groups (specified in a CSV file) using PowerShell, you'll need to:
1. **Install the Microsoft Online module** to manage Office 365 groups.
2. **Connect to your Office 365 tenant** using your admin credentials.
3. **Process the CSV file** and remove the members from the groups listed in it.Here’s an example PowerShell script to do this:
### Prerequisites:
- You should have the `AzureAD` or `Microsoft.Graph` module installed.
- You need admin access to the Office 365 tenant.### CSV Format:
Your CSV file should contain a list of Group IDs or names in a column, say `GroupName` or `GroupID`.```csv
GroupName
Group1
Group2
Group3
```# Import the required module Import-Module AzureAD # Sign in to your Office 365 tenant Connect-AzureAD # Path to your CSV file $csvPath = "C:\path\to\your\csvfile.csv" # Import the CSV containing the list of groups $groups = Import-Csv -Path $csvPath # Iterate over each group in the CSV foreach ($group in $groups) { $groupName = $group.GroupName # Assuming the column is named GroupName # Get the Group ID by Group Name $o365Group = Get-AzureADGroup -SearchString $groupName if ($o365Group) { Write-Host "Processing group: $groupName" # Get all members of the group $members = Get-AzureADGroupMember -ObjectId $o365Group.ObjectId foreach ($member in $members) { # Remove each member from the group Remove-AzureADGroupMember -ObjectId $o365Group.ObjectId -MemberId $member.ObjectId Write-Host "Removed member: $($member.UserPrincipalName) from group: $groupName" } } else { Write-Host "Group $groupName not found" } } # Disconnect from Azure AD Disconnect-AzureAD### Explanation:
1. **Connect-AzureAD**: Establishes a connection to your Office 365 tenant.
2. **Import-Csv**: Loads the CSV containing the list of group names.
3. **Get-AzureADGroup**: Retrieves the Office 365 group based on the name in the CSV.
4. **Get-AzureADGroupMember**: Retrieves all members of the group.
5. **Remove-AzureADGroupMember**: Removes each member from the group.
6. **Disconnect-AzureAD**: Closes the session after processing.Make sure to update the `$csvPath` variable to the correct path of your CSV file.
### Microsoft Graph Alternative:
If you are using Microsoft Graph, the steps would be similar, but you will use `Microsoft.Graph` module cmdlets instead. Let me know if you need a script for that too!- Hi Dana,
Thanks. If you could share the ms graph script it would be great (I am transitioning to graph when possible).
All the best
joaoFrom ChatGPT 4o:
Here is a **Microsoft Graph PowerShell** version of the script to remove all users from a list of Microsoft 365 groups defined in a CSV file.
## ✅ Prerequisites
### 1. Install and Import Microsoft Graph Module (once per environment):
Install-Module Microsoft.Graph -Scope CurrentUser Import-Module Microsoft.Graph> You must have the following **Graph API permissions**:
* `Group.Read.All`
* `GroupMember.ReadWrite.All`## 2. CSV Format
Ensure your CSV has a column named `GroupName` or `GroupId`. Example:
GroupName
HR Team
IT Support
Marketing> Prefer using `GroupId` if available (it's more accurate), otherwise use `GroupName` with caution (it may return multiple matches).
---
# Import the Microsoft Graph module Import-Module Microsoft.Graph # Connect to Microsoft Graph with proper scopes Connect-MgGraph -Scopes "Group.ReadWrite.All", "User.Read.All" # Load CSV containing groups $csvPath = "C:\path\to\groups.csv" $groups = Import-Csv -Path $csvPath foreach ($entry in $groups) { $groupName = $entry.GroupName # Fetch the group by display name $group = Get-MgGroup -Filter "displayName eq '$groupName'" -ConsistencyLevel eventual -CountVariable count if ($group -eq $null) { Write-Host "Group '$groupName' not found." -ForegroundColor Yellow continue } $groupId = $group.Id Write-Host "Processing group: $groupName ($groupId)" -ForegroundColor Cyan # Paginate through all members $members = Get-MgGroupMember -GroupId $groupId -All if ($members.Count -eq 0) { Write-Host "No members found in group." -ForegroundColor Gray continue } foreach ($member in $members) { try { Remove-MgGroupMemberByRef -GroupId $groupId -DirectoryObjectId $member.Id Write-Host "Removed: $($member.Id)" -ForegroundColor Green } catch { Write-Host "Failed to remove member: $($member.Id) - $_" -ForegroundColor Red } } } # Disconnect session Disconnect-MgGraphNotes
* The script uses the `Get-MgGroup` cmdlet with a filter on `displayName`. This can return **multiple groups** if names are not unique. You may want to refine it or use `GroupId` instead.
* To ensure full pagination of group members, the script uses `-All` with `Get-MgGroupMember`.
