PowerShell to pull direct and SP/AD groups permissions for an SPO Site Collection

Brass Contributor

Hi All,


I have tested below script for pulling SharePoint groups ( including their members ) and the permissions for a SharePoint Online site collection :


Import-Module Microsoft.Online.Sharepoint.PowerShell -DisableNameChecking



#Connect To SharePoint Online

Connect-SPOService -url $AdminSiteURL


#Get the Site collection

$URL = Get-SPOSite -Identity "URL"


#Get all Groups of the site collection   

$GroupColl = Get-SPOSiteGroup -Site $URL


Foreach($Group in $GroupColl)


    #Get Permissions assigned to the Group


    ForEach($Role in $Group.Roles)


        $GroupPermissions+= $Role+";"


    Write-host -f Yellow "Group Name: $($Group.Title) - Permissions: $($GroupPermissions)"


    #Get each member of the group

    foreach($User in $Group.Users)


         write-host -f Green $user




But, we have a requirement to get direct and domain group permissions as well. I am not getting any leads to how modify the above script .


Has anyone worked on such script before or have any idea how to modify the above one ?




0 Replies