Add an Azure AD Security Group to sub webs under root site with PowerShell

Daniel Westerdale · ‎Sep 24 2021

I have been knocking up a small PowerShell script to assign a security group to all sub webs with unique permissions under a root site. Building a list of sub web urls is straighforward. However, I have looked though the various PnP or SharePoint online commands, but still can't see how I can add either the security group say with "Full control" permissions or simple add the security group as a member to the web owners group.

I think we could do this historically with on premise SharePoint using local AD groups.

Daniel Westerdale · ‎Sep 28 2021

@Daniel Westerdale

Bizarely, after watching the film Fight Club, the answer cam really quickly :beaming_face_with_smiling_eyes:.

1) get locate your Azure AD group

$adGroupToAddtoWeb = Get-PnPAzureADGroup -Identity "YOUR_SG_GROUP_NAME"

2) in your Foreach loop of sites you connect to , locate the owner group and then add the above AD group

but make sure you you use the client creation into syntax

try
{

$ownerGroup = Get-PnPGroup -AssociatedOwnerGroup


      Add-PnPGroupMember -LoginName  ("c:0t.c|tenant|" + $adGroupToAddtoWeb.Id.ToString())   -Group $ownerGroup

     # write output
     $message ='your chosen SG now added to Owners group'

   }
   catch {
      $message = 'AD group not added'
      Write-Error $Error[0]
   }

Hope someone finds this useful.

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Add an Azure AD Security Group to sub webs under root site with PowerShell

Add an Azure AD Security Group to sub webs under root site with PowerShell

Re: Add an Azure AD Security Group to sub webs under root site with PowerShell