zloeber/GetDuplicateAzureADDynamicGroups.ps1

## GetDuplicateAzureADDynamicGroups.ps1
<#
Finds a good portion of possible dupliate dynamic groups in Azure AD. Will not find super complicated member filter duplicates but should find most common filters (like all PCs and the zillions of 'Subsidiary*' groups that InTune upgrades have created on the back end)

Requires the AzureADPreview module to work correctly!

More on dynamic membership in Azure AD:
 https://docs.microsoft.com/en-us/azure/active-directory/active-directory-groups-dynamic-membership-azure-portal
#>

Remove-Module AzureAD -Force -ErrorAction:SilentlyContinue
Import-Module AzureADPreview
Connect-AzureAD

function Normalize-DynamicGroupFilter ($Filter) {
    # Somewhat normalizes the Odata filter on dynamic member groups for comparison sake
    if ($null -ne $filter) {
        $filter -replace '\(','' `
            -replace '\)','' `
            -replace '\ -eq',' eq' `
            -replace '\ -any',' any' `
            -replace '\ -ne',' ne'
    }
    else {
        $null
    }
}

Function Get-AzureADDuplicateDynamicGroups {
    # Gets a list of dynamic groups that have duplicate filters
    $CurrentDyngroups = Get-AzureADMSGroup -All:$True | Where {($_.GroupTypes -eq 'DynamicMembership')}
    Foreach ($DynGroup in $CurrentDynGroups) {
        $DynGroup | Add-Member -MemberType NoteProperty -Name 'NormalizedFilter' -Value (Normalize-DynamicGroupFilter $DynGroup.MembershipRule)
    }
    $CurrentDynGroups | Group-Object NormalizedFilter
}

Get-AzureADDuplicateDynamicGroups | Foreach {
    if ($_.Count -gt 1) {
        Write-Output "Normalized Filter = $($_.Name) : Groups found = $($_.Count)"
        Write-Output ''
        $_.Group
    }
}
	<#
	Finds a good portion of possible dupliate dynamic groups in Azure AD. Will not find super complicated member filter duplicates but should find most common filters (like all PCs and the zillions of 'Subsidiary*' groups that InTune upgrades have created on the back end)

	Requires the AzureADPreview module to work correctly!

	More on dynamic membership in Azure AD:
	https://docs.microsoft.com/en-us/azure/active-directory/active-directory-groups-dynamic-membership-azure-portal
	#>

	Remove-Module AzureAD -Force -ErrorAction:SilentlyContinue
	Import-Module AzureADPreview
	Connect-AzureAD

	function Normalize-DynamicGroupFilter ($Filter) {
	# Somewhat normalizes the Odata filter on dynamic member groups for comparison sake
	if ($null -ne $filter) {
	$filter -replace '\(','' `
	-replace '\)','' `
	-replace '\ -eq',' eq' `
	-replace '\ -any',' any' `
	-replace '\ -ne',' ne'
	}
	else {
	$null
	}
	}

	Function Get-AzureADDuplicateDynamicGroups {
	# Gets a list of dynamic groups that have duplicate filters
	$CurrentDyngroups = Get-AzureADMSGroup -All:$True \| Where {($_.GroupTypes -eq 'DynamicMembership')}
	Foreach ($DynGroup in $CurrentDynGroups) {
	$DynGroup \| Add-Member -MemberType NoteProperty -Name 'NormalizedFilter' -Value (Normalize-DynamicGroupFilter $DynGroup.MembershipRule)
	}
	$CurrentDynGroups \| Group-Object NormalizedFilter
	}

	Get-AzureADDuplicateDynamicGroups \| Foreach {
	if ($_.Count -gt 1) {
	Write-Output "Normalized Filter = $($_.Name) : Groups found = $($_.Count)"
	Write-Output ''
	$_.Group
	}
	}