Last active
June 7, 2023 13:44
-
-
Save kevinblumenfeld/be441d76c0a2abe10a5fcff4d6c91db6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Remove-GraphGroupMember { | |
<# | |
.SYNOPSIS | |
Removes Members from Azure AD Security Group or Microsoft 365 Group | |
.DESCRIPTION | |
Removes Members from Azure AD Security Group or Microsoft 365 Group | |
.PARAMETER UserID | |
This is the User's ID. This is the user to be removed from the group | |
.PARAMETER GroupID | |
This is the Group's ID. This is the group from where we want to remove members | |
.PARAMETER InputObject | |
This is the pipeline input. | |
.EXAMPLE | |
Remove-GraphGroupMember -UserID 7cb1e5fe-abcd-4579-a158-7a046d004ad4 -GroupID 47d34d2f-abcd-468b-aaf8-d342f29f56e5 | |
.EXAMPLE | |
Import-Csv .\RemoveFromGroup.csv | Remove-GraphGroupMember -GroupID e1a8c7fd-abcd-4e85-8c62-c20b9f3b2d80 | Export-Csv .\Log.csv -nti | |
.NOTES | |
The minimum data in the csv file should be ID. These represent each the ID of each member you want to Remove from the group. | |
Example CSV: | |
if using a csv: | |
Department EmployeeID givenName surname mail DisplayName Id | |
Marketing 1201440 Test 101 Test101@contoso.com Test 101 27511368-abcd-4584-bfee-b55ebabc180c | |
Marketing 1201440 Test 102 Test102@contoso.com Test 102 feb8188a-abcd-4379-81e7-0cf40a0543d4 | |
Marketing 1201440 Test 103 Test103@contoso.com Test 103 362e0092-abcd-4fc7-8a94-f5b9bb9e2ac0 | |
Marketing 1201440 Test 104 Test104@contoso.com Test 104 3ea5eb9b-abcd-4ac5-bc1d-b0afa2a2a2bb | |
#> | |
[CmdletBinding()] | |
param ( | |
[Parameter(ParameterSetName = 'individual', Mandatory)] | |
$UserID, | |
[Parameter(ParameterSetName = 'pipeline', Mandatory)] | |
[Parameter(ParameterSetName = 'individual')] | |
$GroupID, | |
[Parameter(ParameterSetName = 'pipeline', ValueFromPipeline)] | |
$InputObject | |
) | |
begin { | |
if ([datetime]::UtcNow -ge $RefreshTime) { Connect-GraphRefresh } | |
$RestSplat = @{ | |
Uri = "https://graph.microsoft.com/beta/groups/{0}/members/{1}/`$ref" -f $GroupID, $UserId | |
Headers = @{Authorization = "Bearer $Script:Token" } | |
Method = 'DELETE' | |
Verbose = $false | |
ErrorAction = 'Stop' | |
} | |
try { | |
$null = Invoke-RestMethod @RestSplat | |
Write-Verbose ('Success:{0}' -f $UserId) | |
} | |
catch { | |
Write-Verbose ('Failed:{0}' -f $UserId) | |
} | |
} | |
process { | |
foreach ($item in $InputObject) { | |
if ([datetime]::UtcNow -ge $RefreshTime) { Connect-GraphRefresh } | |
$RestSplat = @{ | |
Uri = "https://graph.microsoft.com/beta/groups/{0}/members/{1}/`$ref" -f $GroupID, $item.Id | |
Headers = @{Authorization = "Bearer $Script:Token" } | |
Method = 'DELETE' | |
Verbose = $false | |
ErrorAction = 'Stop' | |
} | |
try { | |
$null = Invoke-RestMethod @RestSplat | |
Write-Verbose ('Success:{0}' -f $item.Id) | |
[PSCustomObject]@{ | |
Action = 'Remove Member' | |
Result = 'SUCCESS' | |
User = $item.Id | |
Group = $GroupID | |
Log = 'SUCCESS' | |
} | |
} | |
catch { | |
Write-Verbose ('Failed:{0}' -f $item.Id) | |
[PSCustomObject]@{ | |
Action = 'Remove Member' | |
Result = 'FAILED' | |
User = $item.Id | |
Group = $GroupID | |
Log = $_ | |
} | |
} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment