Identify all Azure AD group owners and assign P2

Occasional Contributor

Hi,

I want to assign access reviews to all Azure AD groups, and assign group owners as reviewers.


Access reviewer need P2 license, but majority of users in tenant have only P1. So, I need to assign P2 licenses to all group owners, so they can conduct the reviews.


There are no common denominators between group owners, outside the fact that they are all group owners.

1 Reply
I cannot think of any other way of doing this, apart from enumerating all the groups. Should be fairly straightforward for any group type recognized by Exchange:

Get-Group -ResultSize unlimited | ? {$_.RecipientTypeDetails -ne "RoleGroup"} | select Name,ManagedBy

For Azure AD Security groups, you have to run separate cmdlets. But a direct Graph query will also work:

GET https://graph.microsoft.com/beta/groups?$top=1000&$expand=owners($select=userPrincipalName)&$select=...