Sample Powershell to identify groups with HBI classification and have external users

Microsoft
Here's some sample PowerShell that will
- Identify Office 365 Groups with a "HBI" classification and if there are Guest users within the group.
- Identify the owners of the respective groups
- Identify the specific guest users within each group
 
This could be used in conjunction with Microsoft Flow to programmatically
- automate the removal of guest users from groups with specific classifications
- automate an email to the owners of the group to alert the presence of external (guest) users in an Office 365 Group
- automate an email to the owners of the group to indicate the Office 365 Group is not compliant with guest access policy and then programmatically disable/remove external guests
 
$Groups = Get-UnifiedGroup -Filter {GroupExternalMemberCount -gt 0} | Where-Object {$_.Classification -eq 'HBI'} 

$groups| Format-Table -AutoSize DisplayName, Classification, GroupMemberCount, GroupExternalMemberCount, Managedby

ForEach ($G in $Groups) 
  { 
  $Ext = Get-UnifiedGroupLinks -Identity $G.Identity -LinkType Members
  ForEach ($E in $Ext) {
     If ($E.Name -match "#EXT#")
        { Write-Host "Group " $G.DisplayName "includes guest user" $E.Name }
  }
  }
0 Replies