Microsoft.Entra.Groups-Help.xml
|
<?xml version="1.0" encoding="utf-8"?>
<helpItems schema="maml" xmlns="http://msh"> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Add-EntraGroupMember</command:name> <command:verb>Add</command:verb> <command:noun>EntraGroupMember</command:noun> <maml:description> <maml:para>Adds a member to a group.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The Add-EntraGroupMember cmdlet adds a member to a group.</maml:para> <maml:para>In delegated scenarios, the signed-in user needs a supported Microsoft Entra role or a custom role with the `microsoft.directory/groups/members/update` permission. The minimum roles required for this operation, excluding role-assignable groups, are:</maml:para> <maml:para>- Group owners</maml:para> <maml:para>- Directory Writers</maml:para> <maml:para>- Groups Administrator</maml:para> <maml:para>- User Administrator</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Add-EntraGroupMember</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>RefObjectId</maml:name> <maml:description> <maml:para>Specifies the ID of the Microsoft Entra ID object that is assigned as an owner, manager, or member.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>RefObjectId</maml:name> <maml:description> <maml:para>Specifies the ID of the Microsoft Entra ID object that is assigned as an owner, manager, or member.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------- Example 1: Add a member to a group --------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.ReadWrite.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Contoso Marketing Group'" $user = Get-EntraUser -UserId 'SawyerM@contoso.com' Add-EntraGroupMember -GroupId $group.Id -RefObjectId $user.Id</dev:code> <dev:remarks> <maml:para>This example demonstrates how to add a member to a group.</maml:para> <maml:para>- `-GroupId` - Specifies the unique identifier (Object ID) of the group to which you want to add a member.</maml:para> <maml:para>- `-RefObjectId` - Specifies the unique identifier (Object ID) of the member to be added to the group.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraGroupMember</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroupMember</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraGroupMember</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Add-EntraGroupOwner</command:name> <command:verb>Add</command:verb> <command:noun>EntraGroupOwner</command:noun> <maml:description> <maml:para>Adds an owner to a group.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Add-EntraGroupOwner` cmdlet adds an owner to a Microsoft Entra ID group. Specify the `GroupId` and `RefObjectId` parameters to add an owner to a group.</maml:para> <maml:para>In delegated scenarios, the signed-in user must have either a supported Microsoft Entra role or a custom role with the necessary permissions. The minimum roles required for this operation are:</maml:para> <maml:para>- Group owners</maml:para> <maml:para>- User Administrator</maml:para> <maml:para>- Directory Writers</maml:para> <maml:para>- Groups Administrator</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Add-EntraGroupOwner</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>RefObjectId</maml:name> <maml:description> <maml:para>Specifies the ID of the Microsoft Entra ID object that will be assigned as owner/manager/member.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>RefObjectId</maml:name> <maml:description> <maml:para>Specifies the ID of the Microsoft Entra ID object that will be assigned as owner/manager/member.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------- Example 1: Add an owner to a group --------------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All' $group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" $user = Get-EntraUser -UserId 'SawyerM@contoso.com' Add-EntraGroupOwner -GroupId $group.Id -RefObjectId $user.Id</dev:code> <dev:remarks> <maml:para>This example demonstrates how to add an owner to a group.</maml:para> <maml:para>- `-GroupId` - Specifies the unique identifier (Object ID) of the group to which you want to add an owner.</maml:para> <maml:para>- `-RefObjectId` - Specifies the unique identifier (Object ID) of the owner to be added to the group.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraGroupOwner</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroupOwner</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraGroupOwner</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Add-EntraLifecyclePolicyGroup</command:name> <command:verb>Add</command:verb> <command:noun>EntraLifecyclePolicyGroup</command:noun> <maml:description> <maml:para>Adds a group to a lifecycle policy.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Add-EntraLifecyclePolicyGroup` cmdlet adds a group to a lifecycle policy in Microsoft Entra ID.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Add-EntraLifecyclePolicyGroup</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of an Office365 group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupLifecyclePolicyId</maml:name> <maml:description> <maml:para>Specifies the ID of the lifecycle policy object in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of an Office365 group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupLifecyclePolicyId</maml:name> <maml:description> <maml:para>Specifies the ID of the lifecycle policy object in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------- Example 1: Add a group to the lifecycle policy --------</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.ReadWrite.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Office365 group'" $policy = Get-EntraGroupLifecyclePolicy | Select-Object -First 1 Add-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId $policy.Id -GroupId $group.Id</dev:code> <dev:remarks> <maml:para>This example adds a group to the lifecycle policy.</maml:para> <maml:para>- `-GroupLifecyclePolicyId` parameter specifies the ID of the Lifecycle Policy add to the group.</maml:para> <maml:para>- `-GroupId` parameter specifies the ID of the group add to the Lifecycle Policy.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Add-EntraLifecyclePolicyGroup</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraLifecyclePolicyGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraLifecyclePolicyGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraDeletedGroup</command:name> <command:verb>Get</command:verb> <command:noun>EntraDeletedGroup</command:noun> <maml:description> <maml:para>Retrieves soft-deleted groups in Microsoft Entra ID.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Get-EntraDeletedGroup` cmdlet retrieves soft-deleted groups from the directory. Deleted groups can be recovered within 30 days, after which they are permanently deleted.</maml:para> <maml:para>Soft delete currently applies only to Unified Groups (Office 365 Groups).</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraDeletedGroup</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Filter</maml:name> <maml:description> <maml:para>Specifies an OData v4.0 filter statement. This parameter controls which objects are returned.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-EntraDeletedGroup</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>The GroupId of the deleted group to be retrieved.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-EntraDeletedGroup</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>SearchString</maml:name> <maml:description> <maml:para>Specifies a search string.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Management.Automation.SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Filter</maml:name> <maml:description> <maml:para>Specifies an OData v4.0 filter statement. This parameter controls which objects are returned.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>The GroupId of the deleted group to be retrieved.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>SearchString</maml:name> <maml:description> <maml:para>Specifies a search string.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para>System.Nullable`1[[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] System.Nullable`1[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------- Example 1: Get deleted groups in the directory --------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.Read.All' Get-EntraDeletedGroup DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership}</dev:code> <dev:remarks> <maml:para>This cmdlet retrieves all recoverable deleted groups in the Microsoft Entra ID. </maml:para> </dev:remarks> </command:example> <command:example> <maml:title>Example 2: Get deleted groups in the directory using All parameter</maml:title> <dev:code>Connect-Entra -Scopes 'Group.Read.All' Get-EntraDeletedGroup -All DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership}</dev:code> <dev:remarks> <maml:para>This cmdlet retrieves all recoverable deleted groups in the directory, using All parameter. </maml:para> </dev:remarks> </command:example> <command:example> <maml:title>------------ Example 3: Get top two deleted groups ------------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.Read.All' Get-EntraDeletedGroup -Top 2 DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership}</dev:code> <dev:remarks> <maml:para>This cmdlet retrieves top two deleted groups in the directory. </maml:para> </dev:remarks> </command:example> <command:example> <maml:title>--- Example 4: Get deleted groups containing string 'test2' ---</maml:title> <dev:code>Connect-Entra -Scopes 'Group.Read.All' Get-EntraDeletedGroup -SearchString 'test2' DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership} test22 bbbbbbbb-1111-2222-3333-cccccccccccc test22 desc2 {Unified, DynamicMembership} test23 cccccccc-2222-3333-4444-dddddddddddd test23 desc3 {Unified, DynamicMembership} test24 dddddddd-3333-4444-5555-eeeeeeeeeeee test24 desc4 {Unified, DynamicMembership}</dev:code> <dev:remarks> <maml:para>This cmdlet retrieves deleted groups in the directory, containing the specified string. </maml:para> </dev:remarks> </command:example> <command:example> <maml:title>----- Example 5: Get deleted groups filter by display name -----</maml:title> <dev:code>Connect-Entra -Scopes 'Group.Read.All' Get-EntraDeletedGroup -Filter "displayName eq 'test21'" DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership}</dev:code> <dev:remarks> <maml:para>This cmdlet retrieves deleted groups in the directory, having the specified display name. </maml:para> </dev:remarks> </command:example> <command:example> <maml:title>----------- Example 6: Get deleted group by GroupId -----------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.Read.All' Get-EntraDeletedGroup -GroupId 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb' DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- test21 aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb test21 desc1 {Unified, DynamicMembership}</dev:code> <dev:remarks> <maml:para>This cmdlet retrieves the deleted group specified by GroupId.</maml:para> <maml:para>- `-GroupId` parameter specifies the deleted group GroupId.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraDeletedGroup</maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraGroup</command:name> <command:verb>Get</command:verb> <command:noun>EntraGroup</command:noun> <maml:description> <maml:para>Gets a group.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Get-EntraGroup` cmdlet gets a group in Microsoft Entra ID. Specify the `ObjectId` parameter to get a specific group.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraGroup</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Filter</maml:name> <maml:description> <maml:para>Specifies an OData v4.0 filter statement. This parameter controls which objects are returned.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-EntraGroup</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>The unique identifier of a group in Microsoft Entra ID (GroupId)</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-EntraGroup</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>SearchString</maml:name> <maml:description> <maml:para>Specifies a search string.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Management.Automation.SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Filter</maml:name> <maml:description> <maml:para>Specifies an OData v4.0 filter statement. This parameter controls which objects are returned.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>The unique identifier of a group in Microsoft Entra ID (GroupId)</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>SearchString</maml:name> <maml:description> <maml:para>Specifies a search string.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>------------------ Example 1: Get all groups ------------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' Get-EntraGroup DisplayName Id MailNickname Description ----------- -- ------------ ----------- SimpleTestGrp aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb NickName SimpleGroup bbbbbbbb-1111-2222-3333-cccccccccccc NickName testGroupInAU10 cccccccc-2222-3333-4444-dddddddddddd testGroupInAU10 testGroupInAU10 My new group dddddddd-3333-4444-5555-eeeeeeeeeeee NotSet New created group SimpleGroup eeeeeeee-4444-5555-6666-ffffffffffff NickName</dev:code> <dev:remarks> <maml:para>This example demonstrates how to get all groups from Microsoft Entra ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>----- Example 2: Get a specific group by using an GroupId -----</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Azure Panda'" Get-EntraGroup -GroupId $group.Id DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- Crimson Eagle pppppppp-4444-0000-8888-yyyyyyyyyyyy crimsoneaglegroup Crimson Eagle Group {Unified}</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve specific group by providing ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------------- Example 3: Get top five groups ----------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' Get-EntraGroup -Top 5 DisplayName Id MailNickname Description ----------- -- ------------ ----------- Contoso Group hhhhhhhh-3333-5555-3333-qqqqqqqqqqqq contosogroup Contoso Group Crimson Eagle pppppppp-4444-0000-8888-yyyyyyyyyyyy crimsoneagle Crimson Eagle Group Bold Falcon tttttttt-0000-3333-9999-mmmmmmmmmmmm boldfalcon Bold Falcon Group Azure Panda qqqqqqqq-5555-0000-1111-hhhhhhhhhhhh azurepanda Azure Panda Misty Fox kkkkkkkk-3333-5555-1111-nnnnnnnnnnnn mistyfox Misty Fox Group</dev:code> <dev:remarks> <maml:para>This example demonstrates how to get top five groups.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>------------ Example 4: Get a group by DisplayName ------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' Get-EntraGroup -Filter "DisplayName eq 'Azure Panda'" DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- Azure Panda qqqqqqqq-5555-0000-1111-hhhhhhhhhhhh azurepanda Azure Panda {Unified}</dev:code> <dev:remarks> <maml:para>In this example, we retrieve group using the Display Name.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>------ Example 5: Get groups that contain a search string ------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' Get-EntraGroup -SearchString 'New' DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- New Sparkling Deer bbbbbbbb-5555-5555-0000-qqqqqqqqqqqq newsparklingdeer New Sparkling Deer Group {Unified} New Golden Fox xxxxxxxx-8888-5555-9999-bbbbbbbbbbbb newgoldenfox New Golden Fox {DynamicMembership}</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve groups that include the text new in their display names from Microsoft Entra ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>------------- Example 6: Listing ownerless groups -------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' $allGroups = Get-EntraGroup -All $groupsWithoutOwners = foreach ($group in $allGroups) { $owners = Get-EntraGroupOwner -ObjectId $group.Id if ($owners.Count -eq 0) { $group } } $groupsWithoutOwners | Format-Table DisplayName, Id, GroupTypes DisplayName Id GroupTypes ----------- -- ---------- My new group aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {} HelpDesk admin group eeeeeeee-4444-5555-6666-ffffffffffff {}</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve groups without owners. By identifying ownerless groups, IT admins can improve overall governance and operational efficiency.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>--------------- Example 7: Listing empty groups ---------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' $allGroups = Get-EntraGroup -All $groupsWithoutMembers = foreach ($group in $allGroups) { $members = Get-EntraGroupMember -ObjectId $group.Id if ($members.Count -eq 0) { $group } } $groupsWithoutMembers | Format-Table DisplayName, Id, GroupTypes DisplayName Id GroupTypes ----------- -- ---------- My new group aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb {} HelpDesk admin group eeeeeeee-4444-5555-6666-ffffffffffff {}</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve groups without members. By identifying memberless groups, IT admins can identify and clean up unused or obsolete groups that no longer serve a purpose.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroup</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Set-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraGroupAppRoleAssignment</command:name> <command:verb>Get</command:verb> <command:noun>EntraGroupAppRoleAssignment</command:noun> <maml:description> <maml:para>Gets a group application role assignment.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Get-EntraGroupAppRoleAssignment` cmdlet gets a group application role assignment in Microsoft Entra ID. Specify the `GroupId` parameter to get a group application role assignment.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraGroupAppRoleAssignment</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Management.Automation.SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>- Example 1: Retrieve application role assignments of a group -</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.Read.All' $group = Get-EntraGroup -SearchString 'Contoso marketing' Get-EntraGroupAppRoleAssignment -GroupId $group.Id ObjectId ResourceDisplayName PrincipalDisplayName -------- ------------------- -------------------- MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR MSVrBV4APk--eAGnHqMKBDtEqPRvu8xLqWHDSXUhoTE M365 License Manager Ask HR</dev:code> <dev:remarks> <maml:para>This example retrieves the application role assignments of a group.</maml:para> <maml:para>- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>Example 2: Retrieve all application role assignments of a group</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.Read.All' $group = Get-EntraGroup -SearchString 'Contoso marketing' Get-EntraGroupAppRoleAssignment -GroupId $group.Id -All ObjectId ResourceDisplayName PrincipalDisplayName -------- ------------------- -------------------- MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR MSVrBV4APk--eAGnHqMKBDtEqPRvu8xLqWHDSXUhoTE M365 License Manager Ask HR</dev:code> <dev:remarks> <maml:para>This example retrieves all application role assignments of the specified group.</maml:para> <maml:para>- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>Example 3: Retrieve top two application role assignments of a group</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.Read.All' $group = Get-EntraGroup -SearchString 'Contoso marketing' Get-EntraGroupAppRoleAssignment -GroupId $group.Id -Top 2 ObjectId ResourceDisplayName PrincipalDisplayName -------- ------------------- -------------------- MSVrBV4APk--eAGnHqMKBLflsQG3rU1EmDFKvgra41I Microsoft Device Management Checkin Ask HR MSVrBV4APk--eAGnHqMKBExhQK4StEFHidLvUymzo4I ProvisioningPowerBi Ask HR</dev:code> <dev:remarks> <maml:para>This example retrieves top two application role assignments of the specified group.</maml:para> <maml:para>- `-GroupId` parameter specifies the ID of a group in Microsoft Entra ID.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroupAppRoleAssignment</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraGroupAppRoleAssignment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraGroupAppRoleAssignment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraGroupLifecyclePolicy</command:name> <command:verb>Get</command:verb> <command:noun>EntraGroupLifecyclePolicy</command:noun> <maml:description> <maml:para>Retrieves the properties and relationships of a groupLifecyclePolicies object in Microsoft Entra ID. If you specify no parameters, this cmdlet gets all groupLifecyclePolicies.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Get-EntraGroupLifecyclePolicy` command retrieves the properties and relationships of a groupLifecyclePolicies object in Microsoft Entra ID. Specify the `-GroupLifecyclePolicyId` parameter to get the group lifecycle policy. If you specify no parameters, this cmdlet gets all groupLifecyclePolicies.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraGroupLifecyclePolicy</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupLifecyclePolicyId</maml:name> <maml:description> <maml:para>Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupLifecyclePolicyId</maml:name> <maml:description> <maml:para>Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para>System.Nullable`1[[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------- Example 1: Retrieve all groupLifecyclePolicies --------</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.Read.All' Get-EntraGroupLifecyclePolicy Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes -- --------------------------- ------------------- ----------------- eeeeeeee-4444-5555-6666-ffffffffffff example@contoso.com 200 Selected</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve the properties and relationships of all groupLifecyclePolicies in Microsoft Entra ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-- Example 2: Retrieve properties of an groupLifecyclePolicy --</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.Read.All' $policy = Get-EntraGroupLifecyclePolicy | Where-Object {$_.AlternateNotificationEmails -eq 'example@contoso.com'} Get-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId $policy.Id Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes -- --------------------------- ------------------- ----------------- ffffffff-5555-6666-7777-aaaaaaaaaaaa example@contoso.com 200 Selected</dev:code> <dev:remarks> <maml:para>This command is used to retrieve a specific Microsoft Group Lifecycle Policy.</maml:para> <maml:para>- `-GroupLifecyclePolicyId` parameter specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroupLifecyclePolicy</maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraGroupMember</command:name> <command:verb>Get</command:verb> <command:noun>EntraGroupMember</command:noun> <maml:description> <maml:para>Gets a member of a group.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Get-EntraGroupMember` cmdlet gets a member of a group in Microsoft Entra ID. Specify the `GroupId` parameter to get a member of a group.</maml:para> <maml:para>In delegated scenarios, the signed-in user must have a supported Microsoft Entra role or a custom role with one of the following permissions: `microsoft.directory/groups/members/read`, `microsoft.directory/groups/members/limitedRead`, or `microsoft.directory/groups/hiddenMembers/read` (for hidden members). The following least privileged roles support this operation:</maml:para> <maml:para>- Group owners</maml:para> <maml:para>- "Member" users</maml:para> <maml:para>- "Guest" users (with limited read permissions)</maml:para> <maml:para>- Directory Readers</maml:para> <maml:para>- Directory Writers</maml:para> <maml:para>- Groups Administrator</maml:para> <maml:para>- User Administrator (includes hidden members)</maml:para> <maml:para>- Exchange Administrator (includes hidden members)</maml:para> <maml:para>- SharePoint Administrator (includes hidden members)</maml:para> <maml:para>- Intune Administrator (includes hidden members)</maml:para> <maml:para>- Teams Administrator (includes hidden members)</maml:para> <maml:para>- Yammer Administrator (includes hidden members)</maml:para> <maml:para></maml:para> <maml:para>To list members of a hidden group, the `Member.Read.Hidden` permission is also required.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraGroupMember</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Management.Automation.SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>---- Example 1: Retrieve and Select Group Member Properties ----</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Get-EntraGroup -GroupId $group.Id | Get-EntraGroupMember | Select-Object Id, DisplayName, '@odata.type' Id DisplayName @odata.type ------------------------------------ ----------------- ------------------------------- dddddddd-3333-4444-5555-eeeeeeeeeeee Sawyer Miller #microsoft.graph.user eeeeeeee-4444-5555-6666-ffffffffffff Alex Wilber #microsoft.graph.user aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb My Application #microsoft.graph.servicePrincipal cccccccc-8888-9999-0000-dddddddddddd Contoso Group #microsoft.graph.group</dev:code> <dev:remarks> <maml:para>This example retrieves the members of a specified group by its `GroupId` and selects only the `Id`, `DisplayName` and `@odata.type` properties for each member.</maml:para> <maml:para>- `-GroupId` specifies the ID of a group.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>--------------- Example 2: Get two group member ---------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Get-EntraGroupMember -GroupId $group.Id -Top 2 Id DeletedDateTime -- --------------- cccccccc-8888-9999-0000-dddddddddddd dddddddd-9999-0000-1111-eeeeeeeeeeee</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve top two groups from Microsoft Entra ID. - `-GroupId` specifies the ID of a group.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---- Example 3: Get all members within a group by group ID ----</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Get-EntraGroupMember -GroupId $group.Id -All Id DeletedDateTime -- --------------- dddddddd-3333-4444-5555-eeeeeeeeeeee eeeeeeee-4444-5555-6666-ffffffffffff aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb bbbbbbbb-7777-8888-9999-cccccccccccc cccccccc-8888-9999-0000-dddddddddddd</dev:code> <dev:remarks> <maml:para>This example retrieves all members within a group by group ID.</maml:para> <maml:para>- `-GroupId` specifies the ID of a group.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>------------- Example 4: Get a group member by ID -------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Get-EntraGroupMember -GroupId $group.Id Id DeletedDateTime -- --------------- bbbbbbbb-7777-8888-9999-cccccccccccc</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve group member by ID.</maml:para> <maml:para>- `-GroupId` Specifies the ID of a group.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroupMember</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Add-EntraGroupMember</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraGroupMember</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraGroupOwner</command:name> <command:verb>Get</command:verb> <command:noun>EntraGroupOwner</command:noun> <maml:description> <maml:para>Gets an owner of a group.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Get-EntraGroupOwner` cmdlet gets an owner of a group in Microsoft Entra ID. Specify `GroupId` parameter gets an owner of a group.</maml:para> <maml:para>In delegated scenarios, the signed-in user must have a supported Microsoft Entra role or a custom role with the `microsoft.directory/groups/owners/read` permission. The following least privileged roles support this operation:</maml:para> <maml:para>- Group owners</maml:para> <maml:para>- Directory Readers</maml:para> <maml:para>- Directory Writers</maml:para> <maml:para>- Groups Administrator</maml:para> <maml:para>- User Administrator</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraGroupOwner</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Management.Automation.SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------------- Example 1: Get a group owner by ID --------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Get-EntraGroup -GroupId $group.Id | Get-EntraGroupOwner | Select-Object Id, DisplayName, '@odata.type' id displayName @odata.type -- ----------- ----------- aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Adele Vance #microsoft.graph.user</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve the owner of a specific group.</maml:para> <maml:para>- `-GroupId` Parameter specifies the ID of a group.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>--------------- Example 2: Gets all group owners ---------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Get-EntraGroupOwner -GroupId $group.Id -All Id DeletedDateTime -- --------------- aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc cccccccc-2222-3333-4444-dddddddddddd dddddddd-3333-4444-5555-eeeeeeeeeeee</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve the all owner of a specific group. - `-GroupId` Parameter specifies the ID of a group.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>--------------- Example 3: Gets two group owners ---------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Get-EntraGroupOwner -GroupId $group.Id -Top 2 Id DeletedDateTime -- --------------- aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve the top two owners of a specific group.</maml:para> <maml:para>- `-GroupId` parameter specifies the ID of a group.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroupOwner</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Add-EntraGroupOwner</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraGroupOwner</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraGroupPermissionGrant</command:name> <command:verb>Get</command:verb> <command:noun>EntraGroupPermissionGrant</command:noun> <maml:description> <maml:para>Retrieves a list of permission grants consented to for a group.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Retrieves a list of permission grants consented to for a group.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraGroupPermissionGrant</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>The unique identifier of group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>The unique identifier of group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>String</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>Microsoft.Open.MSGraph.Model.GetMSGroupPermissionGrantsResponse</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>--- Example 1: List existing permission grants for the group ---</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' Get-EntraGroupPermissionGrant -GroupId 'CcDdEeFfGgHhIiJjKkLlMmNnOoPpQq3' Id : CcDdEeFfGgHhIiJjKkLlMmNnOoPpQq3 ClientId : 00001111-aaaa-2222-bbbb-3333cccc4444 ClientAppId : 44445555-eeee-6666-ffff-7777aaaa8888 ResourceAppId : bbbb1111-cc22-3333-44dd-555555eeeeee PermissionType : Application Permission : Member.Read.Group</dev:code> <dev:remarks> <maml:para>This cmdlet list existing permission grants for the specified group.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraGroupPermissionGrant</maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraLifecyclePolicyGroup</command:name> <command:verb>Get</command:verb> <command:noun>EntraLifecyclePolicyGroup</command:noun> <maml:description> <maml:para>Retrieves the lifecycle policy object to which a group belongs.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Get-EntraLifecyclePolicyGroup` retrieves the lifecycle policy object to which a group belongs. Specify the `-GroupId` parameter to get the lifecycle policy object to which a group belongs.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraLifecyclePolicyGroup</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>--------- Example 1: Retrieve lifecycle policy object ---------</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Get-EntraLifecyclePolicyGroup -GroupId $group.Id Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes -- --------------------------- ------------------- ----------------- bbbbbbbb-1111-2222-3333-cccccccccccc admingroup@contoso.com 200 All</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve lifecycle policy object by Id in Microsoft Entra ID.</maml:para> <maml:para>- `-GroupId` - specifies the ID of a group.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraLifecyclePolicyGroup</maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraObjectSetting</command:name> <command:verb>Get</command:verb> <command:noun>EntraObjectSetting</command:noun> <maml:description> <maml:para>Gets an object setting.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Get-EntraObjectSetting` cmdlet retrieves an object setting from Microsoft Entra ID.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraObjectSetting</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Id</maml:name> <maml:description> <maml:para>Specifies the ID of a settings object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>TargetObjectId</maml:name> <maml:description> <maml:para>Specifies the ID of the target object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>TargetType</maml:name> <maml:description> <maml:para>Specifies the target type.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-EntraObjectSetting</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>TargetObjectId</maml:name> <maml:description> <maml:para>Specifies the ID of the target object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>TargetType</maml:name> <maml:description> <maml:para>Specifies the target type.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>All</maml:name> <maml:description> <maml:para>List all pages.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Management.Automation.SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Id</maml:name> <maml:description> <maml:para>Specifies the ID of a settings object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>TargetObjectId</maml:name> <maml:description> <maml:para>Specifies the ID of the target object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>TargetType</maml:name> <maml:description> <maml:para>Specifies the target type.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Top</maml:name> <maml:description> <maml:para>Specifies the maximum number of records to return.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Property</maml:name> <maml:description> <maml:para>Specifies properties to be returned.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-- Example 1: Retrieve object setting from Microsoft Entra ID --</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id Id DisplayName TemplateId -- ----------- ---------- aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa</dev:code> <dev:remarks> <maml:para>This command retrieves object setting from Microsoft Entra ID.</maml:para> <maml:para>- `-TargetType` Parameter specifies the target type.</maml:para> <maml:para>- `-TargetObjectId` Parameter specifies the ID of the target object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>Example 2: Retrieve a specific object setting from Microsoft Entra ID</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" $setting = Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id | Where-Object {$_.displayName -eq 'Group.Unified.Guest'} Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id -Id $setting.Id Id DisplayName TemplateId -- ----------- ---------- aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa</dev:code> <dev:remarks> <maml:para>This command retrieves Specific object setting from Microsoft Entra ID.</maml:para> <maml:para>- `-TargetType` Parameter specifies the target type.</maml:para> <maml:para>- `-TargetObjectId` Parameter specifies the ID of the target object.</maml:para> <maml:para>- `-Id` Parameter specifies the ID of a settings object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>Example 3: Retrieve top one object setting from Microsoft Entra ID</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id -Top 1 Id DisplayName TemplateId -- ----------- ---------- aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa</dev:code> <dev:remarks> <maml:para>This command retrieves top one object setting from Microsoft Entra ID.</maml:para> <maml:para>- `-TargetType` Parameter specifies the target type.</maml:para> <maml:para>- `-TargetObjectId` Parameter specifies the ID of the target object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>Example 4: Retrieve all object setting from Microsoft Entra ID</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.Read.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Get-EntraObjectSetting -TargetType 'Groups' -TargetObjectId $group.Id -All Id DisplayName TemplateId -- ----------- ---------- aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Group.Unified.Guest 22cc22cc-dd33-ee44-ff55-66aa66aa66aa</dev:code> <dev:remarks> <maml:para>This command retrieves all records of object setting from Microsoft Entra ID.</maml:para> <maml:para>- `-TargetType` Parameter specifies the target type.</maml:para> <maml:para>- `-TargetObjectId` Parameter specifies the ID of the target object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>----------- Example 5: Retrieve user object settings -----------</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.Read.All' $user = Get-EntraUser -UserId 'AdeleV@Contoso.com' Get-EntraObjectSetting -TargetType 'Users' -TargetObjectId $user.Id Id ContributionToContentDiscoveryAsOrganizationDisabled ContributionToContentDiscoveryDisabled -- ---------------------------------------------------- -------------------------------------- False False</dev:code> <dev:remarks> <maml:para>This command retrieves user object setting.</maml:para> <maml:para>- `-TargetType` Parameter specifies the user target type.</maml:para> <maml:para>- `-TargetObjectId` Parameter specifies the ID of the user.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Get-EntraObjectSetting</maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>New-EntraGroup</command:name> <command:verb>New</command:verb> <command:noun>EntraGroup</command:noun> <maml:description> <maml:para>Creates a Microsoft Entra ID group.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `New-EntraGroup` cmdlet creates a Microsoft Entra ID group. Specify the `DisplayName`, `MailNickname`, `MailEnabled` and `SecurityEnabled` parameters for creating a Microsoft Entra ID group.</maml:para> <maml:para>For information about creating dynamic groups, see: Using attributes to create advanced rules (https://learn.microsoft.com/entra/identity/users/groups-dynamic-membership). Notes on permissions: - To create the group with users as owners or members, the app must have at least the `User.Read.All` permission.</maml:para> <maml:para>- To create the group with other service principals as owners or members, the app must have at least the `Application.Read.All` permission.</maml:para> <maml:para>- To create the group with either users or service principals as owners or members, the app must have at least the `Directory.Read.All` permission.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>New-EntraGroup</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Description</maml:name> <maml:description> <maml:para>Specifies a description for the group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>DisplayName</maml:name> <maml:description> <maml:para>Specifies a display name for the group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>MailEnabled</maml:name> <maml:description> <maml:para>Specifies whether this group is mail enabled.</maml:para> <maml:para>Currently, you can't create mail enabled groups in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>MailNickname</maml:name> <maml:description> <maml:para>Specifies a mail nickname for the group. If MailEnabled is $False, you must still specify a mail nickname.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>SecurityEnabled</maml:name> <maml:description> <maml:para>Specifies whether the group is security enabled. For security groups, this value must be $True.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupTypes</maml:name> <maml:description> <maml:para>Specifies that the group is a unified or dynamic group. </maml:para> <maml:para>Notes: </maml:para> <maml:para>- This parameter currently can't be used to create dynamic groups. To create a dynamic group in PowerShell, you must use the Entra module.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Collections.Generic.List`1[System.String]</command:parameterValue> <dev:type> <maml:name>System.Collections.Generic.List`1[System.String]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Visibility</maml:name> <maml:description> <maml:para>This parameter determines the visibility of the group's content and members list.</maml:para> <maml:para>This parameter can take one of the following values:</maml:para> <maml:para>- "Public" - Anyone can view the contents of the group</maml:para> <maml:para>- "Private" - Only members can view the content of the group</maml:para> <maml:para>- "HiddenMembership" - Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator and Helpdesk Administrators can view the members list of the group.</maml:para> <maml:para></maml:para> <maml:para>If no value is provided, the default value is "Public".</maml:para> <maml:para>Notes:</maml:para> <maml:para>- This parameter is only valid for groups that have the groupType set to "Unified".</maml:para> <maml:para>- If a group has this attribute set to "HiddenMembership", it can't be changed later.</maml:para> <maml:para>- Anyone can join a group that has this attribute set to "Public". If the attribute is set to Private or HiddenMembership, only owners can add new members to the group and requests to join the group need approval of the owners.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>IsAssignableToRole</maml:name> <maml:description> <maml:para>Indicates whether group can be assigned to a role. This property can only be set at the time of group creation and can't be modified on an existing group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Description</maml:name> <maml:description> <maml:para>Specifies a description for the group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>DisplayName</maml:name> <maml:description> <maml:para>Specifies a display name for the group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>MailEnabled</maml:name> <maml:description> <maml:para>Specifies whether this group is mail enabled.</maml:para> <maml:para>Currently, you can't create mail enabled groups in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>MailNickname</maml:name> <maml:description> <maml:para>Specifies a mail nickname for the group. If MailEnabled is $False, you must still specify a mail nickname.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>SecurityEnabled</maml:name> <maml:description> <maml:para>Specifies whether the group is security enabled. For security groups, this value must be $True.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupTypes</maml:name> <maml:description> <maml:para>Specifies that the group is a unified or dynamic group. </maml:para> <maml:para>Notes: </maml:para> <maml:para>- This parameter currently can't be used to create dynamic groups. To create a dynamic group in PowerShell, you must use the Entra module.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Collections.Generic.List`1[System.String]</command:parameterValue> <dev:type> <maml:name>System.Collections.Generic.List`1[System.String]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Visibility</maml:name> <maml:description> <maml:para>This parameter determines the visibility of the group's content and members list.</maml:para> <maml:para>This parameter can take one of the following values:</maml:para> <maml:para>- "Public" - Anyone can view the contents of the group</maml:para> <maml:para>- "Private" - Only members can view the content of the group</maml:para> <maml:para>- "HiddenMembership" - Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator and Helpdesk Administrators can view the members list of the group.</maml:para> <maml:para></maml:para> <maml:para>If no value is provided, the default value is "Public".</maml:para> <maml:para>Notes:</maml:para> <maml:para>- This parameter is only valid for groups that have the groupType set to "Unified".</maml:para> <maml:para>- If a group has this attribute set to "HiddenMembership", it can't be changed later.</maml:para> <maml:para>- Anyone can join a group that has this attribute set to "Public". If the attribute is set to Private or HiddenMembership, only owners can add new members to the group and requests to join the group need approval of the owners.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>IsAssignableToRole</maml:name> <maml:description> <maml:para>Indicates whether group can be assigned to a role. This property can only be set at the time of group creation and can't be modified on an existing group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>------------------ Example 1: Create a group ------------------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' $params = @{ DisplayName = 'HelpDesk admin group2' MailEnabled = $False MailNickname = 'helpDeskAdminGroup' SecurityEnabled = $True } New-EntraGroup @params DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- HelpDesk admin group2 bbbbbbbb-5555-5555-0000-qqqqqqqqqqqq helpDeskAdminGroup {}</dev:code> <dev:remarks> <maml:para>This example demonstrates how to create the new group.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>----- Example 2: Create a group with Description parameter -----</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' $params = @{ DisplayName = 'HelpDesk admin group' MailEnabled = $false MailNickname = 'helpDeskAdminGroup' SecurityEnabled = $true Description = 'Group assignable to role' } New-EntraGroup @params DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- HelpDesk admin group zzzzzzzz-6666-8888-9999-pppppppppppp helpDeskAdminGroup Group assignable to role {}</dev:code> <dev:remarks> <maml:para>This example demonstrates how to create the new group with description parameter.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>- Example 3: Create a group with IsAssignableToRole parameter -</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' $params = @{ DisplayName = 'HelpDesk admin group2' Description = 'Group assignable to role' MailEnabled = $False MailNickname = 'helpDeskAdminGroup' SecurityEnabled = $True IsAssignableToRole = $True } New-EntraGroup @params DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- HelpDesk admin group2 vvvvvvvv-8888-9999-0000-jjjjjjjjjjjj helpDeskAdminGroup Group assignable to role {}</dev:code> <dev:remarks> <maml:para>This example demonstrates how to create the new group with IsAssignableToRole parameter.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>----- Example 4: Create a group with Visibility parameter -----</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' $params = @{ DisplayName = 'HelpDesk admin group2' Description = 'Group assignable to role' MailEnabled = $False MailNickname = 'helpDeskAdminGroup' SecurityEnabled = $True Visibility = 'Private' } New-EntraGroup @params DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- HelpDesk admin group2 gggggggg-0000-4444-3333-llllllllllll helpDeskAdminGroup Group assignable to role {}</dev:code> <dev:remarks> <maml:para>This example demonstrates how to create the new group with Visibility parameter.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>----- Example 5: Create a group with GroupTypes parameter -----</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All','Group.Create' $params = @{ DisplayName = 'HelpDesk admin group3' Description = 'group des' MailEnabled = $False MailNickname = 'helpDeskAdminGroup1' SecurityEnabled = $True GroupTypes = 'Unified' } New-EntraGroup @params DisplayName Id MailNickname Description GroupTypes ----------- -- ------------ ----------- ---------- HelpDesk admin group3 xxxxxxxx-8888-5555-9999-bbbbbbbbbbbb helpDeskAdminGroup1 group des {Unified}</dev:code> <dev:remarks> <maml:para>This example demonstrates how to create the new group with GroupTypes parameter.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraGroup</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Set-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Using attributes to create advanced rules</maml:linkText> <maml:uri>https://learn.microsoft.com/entra/identity/users/groups-dynamic-membership</maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>New-EntraGroupAppRoleAssignment</command:name> <command:verb>New</command:verb> <command:noun>EntraGroupAppRoleAssignment</command:noun> <maml:description> <maml:para>Assign a group of users to an application role.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `New-EntraGroupAppRoleAssignment` cmdlet assigns a group of users to an application role in Microsoft Entra ID.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>New-EntraGroupAppRoleAssignment</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Id"> <maml:name>AppRoleId</maml:name> <maml:description> <maml:para>Specifies the ID of the app role (defined on the resource service principal) to assign.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>PrincipalId</maml:name> <maml:description> <maml:para>Specifies the principal ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ResourceId</maml:name> <maml:description> <maml:para>The unique identifier (ID) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only).</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="Id"> <maml:name>AppRoleId</maml:name> <maml:description> <maml:para>Specifies the ID of the app role (defined on the resource service principal) to assign.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>PrincipalId</maml:name> <maml:description> <maml:para>Specifies the principal ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ResourceId</maml:name> <maml:description> <maml:para>The unique identifier (ID) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only).</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>----- Example 1: Assign a group of users to an application -----</maml:title> <dev:code>Connect-Entra -Scopes 'AppRoleAssignment.ReadWrite.All' $servicePrincipal = Get-EntraServicePrincipal -Filter "Displayname eq 'Box'" $group = Get-EntraGroup -SearchString 'Contoso Global' New-EntraGroupAppRoleAssignment -GroupId $group.Id -PrincipalId $group.Id -ResourceId $servicePrincipal.Id -AppRoleId $servicePrincipal.Approles[1].Id DeletedDateTime Id AppRoleId CreatedDateTime PrincipalDisplayName PrincipalId --------------- -- --------- --------------- -------------------- ----------- AaBbCcDdEeFfGgHhIiJjKkLlMmNnOo1 00000000-0000-0000-0000-000000000000 3/13/2024 4:41:43 AM Contoso Team aaaaaaaa-bbbb-cccc-1111-222222222222 3/13/2024 4:45:00 AM BbCcDdEeFfGgHhIiJjKkLlMmNnOoPp2 00000000-0000-0000-0000-000000000000 3/13/2024 4:45:00 AM Finance Group bbbbbbbb-cccc-dddd-2222-333333333333</dev:code> <dev:remarks> <maml:para>This example demonstrates how to assign a group of users to an application role in Microsoft Entra ID. - `GroupId`: The ID of the group to which you're assigning the app role.</maml:para> <maml:para>- `PrincipalId`: The ID of the group to which you're assigning the app role.</maml:para> <maml:para>- `ResourceId`: The ID of the resource service Principal, which has defined the app role.</maml:para> <maml:para>- `AppRoleId`: The ID of the appRole (defined on the resource service principal) to assign to the group.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraGroupAppRoleAssignment</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroupAppRoleAssignment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraGroupAppRoleAssignment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>New-EntraGroupLifecyclePolicy</command:name> <command:verb>New</command:verb> <command:noun>EntraGroupLifecyclePolicy</command:noun> <maml:description> <maml:para>Creates a new groupLifecyclePolicy.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>Creates a new groupLifecyclePolicy in Microsoft Entra ID.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>New-EntraGroupLifecyclePolicy</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>AlternateNotificationEmails</maml:name> <maml:description> <maml:para>Notification emails for groups without owners are sent to these email addresses, separated by a ';'.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupLifetimeInDays</maml:name> <maml:description> <maml:para>The number of days a group can exist before it needs to be renewed.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ManagedGroupTypes</maml:name> <maml:description> <maml:para>This parameter allows the admin to select which Office 365 groups the policy applies to. 'None' creates the policy in a disabled state. 'All' applies the policy to every Office 365 group in the tenant. 'Selected' allows the admin to choose specific Office 365 groups to which the policy applies.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>AlternateNotificationEmails</maml:name> <maml:description> <maml:para>Notification emails for groups without owners are sent to these email addresses, separated by a ';'.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupLifetimeInDays</maml:name> <maml:description> <maml:para>The number of days a group can exist before it needs to be renewed.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ManagedGroupTypes</maml:name> <maml:description> <maml:para>This parameter allows the admin to select which Office 365 groups the policy applies to. 'None' creates the policy in a disabled state. 'All' applies the policy to every Office 365 group in the tenant. 'Selected' allows the admin to choose specific Office 365 groups to which the policy applies.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------- Example 1: Creates a new groupLifecyclePolicy --------</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.ReadWrite.All' New-EntraGroupLifecyclePolicy -GroupLifetimeInDays 99 -ManagedGroupTypes 'Selected' -AlternateNotificationEmails 'example@contoso.com' Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes -- --------------------------- ------------------- ----------------- aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb example@contoso.com 99 Selected</dev:code> <dev:remarks> <maml:para>This example creates a new groupLifecyclePolicy with a group lifetime of 99 days for a selected set of Office 365 groups. Renewal notification emails are sent to <example@contoso.com> for groups without owners.</maml:para> <maml:para>- `-GroupLifetimeInDays` parameter specifies the number of days a group can exist before it needs to be renewed.</maml:para> <maml:para>- `-ManagedGroupTypes` parameter allows the admin to select which office 365 groups the policy applies to.</maml:para> <maml:para>- `-AlternateNotificationEmails` parameter specifies notification emails for group.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/New-EntraGroupLifecyclePolicy</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroupLifecyclePolicy</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Set-EntraGroupLifecyclePolicy</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraGroupLifecyclePolicy</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Remove-EntraGroup</command:name> <command:verb>Remove</command:verb> <command:noun>EntraGroup</command:noun> <maml:description> <maml:para>Removes a group.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Remove-EntraGroup` cmdlet removes a group from Microsoft Entra ID. Specify the `GroupId` parameter removes a group. </maml:para> <maml:para>Unified Group can be restored withing 30 days after deletion using the `Restore-EntraBetaDeletedDirectoryObject` cmdlet. Security groups can't be restored after deletion. Notes on permissions: The following conditions apply for apps to delete role-assignable groups:</maml:para> <maml:para>- For delegated scenarios, the app must be assigned the `RoleManagement.ReadWrite.Directory` delegated permission, and the calling user must be the creator of the group or be assigned at least the Privileged Role Administrator Microsoft Entra role.</maml:para> <maml:para>- For app-only scenarios, the calling app must be the owner of the group or be assigned the `RoleManagement.ReadWrite.Directory` application permission or be assigned at least the Privileged Role Administrator Microsoft Entra role.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Remove-EntraGroup</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the object ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the object ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>------------------ Example 1: Remove a group ------------------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All' Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" | Remove-EntraGroup</dev:code> <dev:remarks> <maml:para>This example demonstrates how to remove a group in Microsoft Entra ID.</maml:para> <maml:para>- `GroupId` parameter specifies the group ID .</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraGroup</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Set-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Remove-EntraGroupAppRoleAssignment</command:name> <command:verb>Remove</command:verb> <command:noun>EntraGroupAppRoleAssignment</command:noun> <maml:description> <maml:para>Delete a group application role assignment.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Remove-EntraGroupAppRoleAssignment` cmdlet removes a group application role assignment from Microsoft Entra ID.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Remove-EntraGroupAppRoleAssignment</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>AppRoleAssignmentId</maml:name> <maml:description> <maml:para>Specifies the object ID of the group application role assignment.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the object ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>AppRoleAssignmentId</maml:name> <maml:description> <maml:para>Specifies the object ID of the group application role assignment.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the object ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>--------- Example 1: Remove group app role assignment ---------</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.ReadWrite.All' $group = Get-EntraGroup -Filter "displayName eq 'Contoso Marketing'" $appRoleAssignment = Get-EntraGroupAppRoleAssignment -GroupId $group.Id | Where-Object {$_.ResourceDisplayName -eq 'Box'} Remove-EntraGroupAppRoleAssignment -GroupId $group -AppRoleAssignmentId $appRoleAssignment.Id</dev:code> <dev:remarks> <maml:para>This example demonstrates how to remove the specified group application role assignment. GroupId - Specifies the object ID of a group. AppRoleAssignmentId - Specifies the object ID of the group application role assignment.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraGroupAppRoleAssignment</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroupAppRoleAssignment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraGroupAppRoleAssignment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Remove-EntraGroupLifecyclePolicy</command:name> <command:verb>Remove</command:verb> <command:noun>EntraGroupLifecyclePolicy</command:noun> <maml:description> <maml:para>Deletes a groupLifecyclePolicies object</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Remove-EntraGroupLifecyclePolicy` command deletes a groupLifecyclePolicies object in Microsoft Entra ID. Specify `Id` parameter deletes the groupLifecyclePolicies object.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Remove-EntraGroupLifecyclePolicy</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupLifecyclePolicyId</maml:name> <maml:description> <maml:para>Specifies the ID of the groupLifecyclePolicies object that this cmdlet removes.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupLifecyclePolicyId</maml:name> <maml:description> <maml:para>Specifies the ID of the groupLifecyclePolicies object that this cmdlet removes.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>---------- Example 1: Remove a groupLifecyclePolicies ----------</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.ReadWrite.All' Get-EntraGroupLifecyclePolicy | Where-Object {$_.AlternateNotificationEmails -eq 'example@contoso.com'} | Remove-EntraGroupLifecyclePolicy</dev:code> <dev:remarks> <maml:para>This example demonstrates how to delete the groupLifecyclePolicies object that has the specified ID. You can use `Get-EntraGroupLifecyclePolicy` to get Id details.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraGroupLifecyclePolicy</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroupLifecyclePolicy</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraGroupLifecyclePolicy</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Set-EntraGroupLifecyclePolicy</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Remove-EntraGroupMember</command:name> <command:verb>Remove</command:verb> <command:noun>EntraGroupMember</command:noun> <maml:description> <maml:para>Removes a member from a group.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Remove-EntraGroupMember` cmdlet removes a member from a group in Microsoft Entra ID. Specify the `ObjectId` and `MemberId` parameters to remove a member from a group.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Remove-EntraGroupMember</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>MemberId</maml:name> <maml:description> <maml:para>Specifies the ID of the member to remove.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the object ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>MemberId</maml:name> <maml:description> <maml:para>Specifies the ID of the member to remove.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the object ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>------------------ Example 1: Remove a member ------------------</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.ReadWrite.All' $group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" $groupMember = Get-EntraGroup -GroupId $group.Id | Get-EntraGroupMember | Where-Object {$_.displayName -eq 'Adele Vance'} Remove-EntraGroupMember -GroupId $group.Id -MemberId $groupMember.Id</dev:code> <dev:remarks> <maml:para>This command removes the specified member from the specified group. - `GroupId` - Specifies the object ID of a group in Microsoft Entra ID.</maml:para> <maml:para>- `MemberId` - Specifies the ID of the member to remove.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraGroupMember</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Add-EntraGroupMember</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroupMember</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Remove-EntraGroupOwner</command:name> <command:verb>Remove</command:verb> <command:noun>EntraGroupOwner</command:noun> <maml:description> <maml:para>Removes an owner from a group.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Remove-EntraGroupOwner` cmdlet removes an owner from a group in Microsoft Entra ID. Specify the `GroupId` and `OwnerId` parameters to remove an owner from a group.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Remove-EntraGroupOwner</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>OwnerId</maml:name> <maml:description> <maml:para>Specifies the ID of an owner.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="ObjectId"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>OwnerId</maml:name> <maml:description> <maml:para>Specifies the ID of an owner.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>------------------ Example 1: Remove an owner ------------------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All' $group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" $groupOwner = Get-EntraGroup -GroupId $group.Id | Get-EntraGroupOwner | Where-Object {$_.displayName -eq 'Adele Vance'} Remove-EntraGroupOwner -GroupId $group.Id -OwnerId $groupOwner.Id</dev:code> <dev:remarks> <maml:para>This example demonstrates how to remove an owner from a group in Microsoft Entra ID.</maml:para> <maml:para>- `GroupId` - Specifies the ID of a group in Microsoft Entra ID. - `OwnerId` - Specifies the ID of an owner.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraGroupOwner</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Add-EntraGroupOwner</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroupOwner</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Remove-EntraLifecyclePolicyGroup</command:name> <command:verb>Remove</command:verb> <command:noun>EntraLifecyclePolicyGroup</command:noun> <maml:description> <maml:para>Removes a group from a lifecycle policy.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Remove-EntraLifecyclePolicyGroup` cmdlet removes a group from a lifecycle policy in Microsoft Entra ID.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Remove-EntraLifecyclePolicyGroup</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupLifecyclePolicyId</maml:name> <maml:description> <maml:para>Specifies the ID of the lifecycle policy object in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupLifecyclePolicyId</maml:name> <maml:description> <maml:para>Specifies the ID of the lifecycle policy object in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>----------- Example 1: Remove lifecycle policy group -----------</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.ReadWrite.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Office365 group'" $policy = Get-EntraLifecyclePolicyGroup -Id $group.Id Remove-EntraLifecyclePolicyGroup -GroupLifecyclePolicyId $policy.Id -GroupId $group.Id Value ----- True</dev:code> <dev:remarks> <maml:para>This example demonstrates how to remove a group from a lifecycle policy in Microsoft Entra ID with specified Id and groupId.</maml:para> <maml:para>- `-GroupLifecyclePolicyId` parameter specifies the lifecycle policy object ID. - `-GroupId` parameter specifies the ID of Office365 group.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Remove-EntraLifecyclePolicyGroup</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraLifecyclePolicyGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Add-EntraLifecyclePolicyGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Reset-EntraLifeCycleGroup</command:name> <command:verb>Reset</command:verb> <command:noun>EntraLifeCycleGroup</command:noun> <maml:description> <maml:para>Renews a group by updating the RenewedDateTime property on a group to the current DateTime.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Reset-EntraLifeCycleGroup` renews a group by updating the RenewedDateTime property on a group to the current DateTime. When a group is renewed, the group expiration is extended by the number of days defined in the policy.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Reset-EntraLifeCycleGroup</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Id</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>Id</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>None</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>------------------- Example 1: Renew a group -------------------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All' $group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'" Reset-EntraLifeCycleGroup -Id $group.Id</dev:code> <dev:remarks> <maml:para>This example demonstrates how to renew a specified group.</maml:para> <maml:para>- `-Id` - Specifies the group Object ID.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Reset-EntraLifeCycleGroup</maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Select-EntraGroupIdsContactIsMemberOf</command:name> <command:verb>Select</command:verb> <command:noun>EntraGroupIdsContactIsMemberOf</command:noun> <maml:description> <maml:para>Get groups in which a contact is a member.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Select-EntraGroupIdsContactIsMemberOf` cmdlet gets groups in Microsoft Entra ID in which a contact is a member.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Select-EntraGroupIdsContactIsMemberOf</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:description> <maml:para>Specifies an array of group object IDs.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">GroupIdsForMembershipCheck</command:parameterValue> <dev:type> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>ObjectId</maml:name> <maml:description> <maml:para>Specifies the object ID of a contact in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:description> <maml:para>Specifies an array of group object IDs.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">GroupIdsForMembershipCheck</command:parameterValue> <dev:type> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>ObjectId</maml:name> <maml:description> <maml:para>Specifies the object ID of a contact in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>----- Example 1: Get groups in which a contact is a member -----</maml:title> <dev:code>Connect-Entra -Scopes 'OrgContact.Read.All,Group.Read.All' $group = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck $group.GroupIds = (Get-EntraGroup -Filter "displayName eq 'Sales and Marketing'").Id $contact = Get-EntraContact -Filter "displayName eq 'Contoso Admin'" Select-EntraGroupIdsContactIsMemberOf -ObjectId $contact.Id -GroupIdsForMembershipCheck $group</dev:code> <dev:remarks> <maml:para>This example demonstrates how to get groups in which a contact is a member.</maml:para> <maml:para>- `-ObjectId` parameter specifies the contact Object ID.</maml:para> <maml:para>- `-GroupIdsForMembershipCheck` parameter specifies the group Object ID.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Select-EntraGroupIdsContactIsMemberOf</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraContact</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Select-EntraGroupIdsGroupIsMemberOf</command:name> <command:verb>Select</command:verb> <command:noun>EntraGroupIdsGroupIsMemberOf</command:noun> <maml:description> <maml:para>Gets group IDs that a group is a member of.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Select-EntraGroupIdsGroupIsMemberOf` cmdlet gets the groups that a specified group is a member of in Microsoft Entra ID.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Select-EntraGroupIdsGroupIsMemberOf</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:description> <maml:para>Specifies an array of group object IDs.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">GroupIdsForMembershipCheck</command:parameterValue> <dev:type> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>ObjectId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:description> <maml:para>Specifies an array of group object IDs.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">GroupIdsForMembershipCheck</command:parameterValue> <dev:type> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>ObjectId</maml:name> <maml:description> <maml:para>Specifies the ID of a group in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-- Example 1: Get the group membership of a group for a group --</maml:title> <dev:code>Connect-Entra -Scopes 'GroupMember.Read.All' $groupObject = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck $groupObject.GroupIds = (Get-EntraGroup -Filter "displayName eq 'Tailspin Toys'").Id $group = Get-EntraGroup -Filter "displayName eq 'sg-Legal'" Select-EntraGroupIdsGroupIsMemberOf -ObjectId $group.Id -GroupIdsForMembershipCheck $groupObject</dev:code> <dev:remarks> <maml:para>This example gets the group membership of a group identified by $GroupId. Use `Get-EntraGroup` cmdlet to obtain group `ObjectId` value.</maml:para> <maml:para>- `-ObjectId` parameter specifies the group ID.</maml:para> <maml:para>- `-GroupIdsForMembershipCheck` Specifies an array of group object IDs.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Select-EntraGroupIdsGroupIsMemberOf</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Select-EntraGroupIdsUserIsMemberOf</command:name> <command:verb>Select</command:verb> <command:noun>EntraGroupIdsUserIsMemberOf</command:noun> <maml:description> <maml:para>Selects the groups that a user is a member of.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Select-EntraGroupIdsUserIsMemberOf` cmdlet selects the groups that a user is a member of in Microsoft Entra ID.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Select-EntraGroupIdsUserIsMemberOf</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:description> <maml:para>Specifies an array of group object IDs.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">GroupIdsForMembershipCheck</command:parameterValue> <dev:type> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>ObjectId</maml:name> <maml:description> <maml:para>Specifies the ID of a user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:description> <maml:para>Specifies an array of group object IDs.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">GroupIdsForMembershipCheck</command:parameterValue> <dev:type> <maml:name>GroupIdsForMembershipCheck</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="none"> <maml:name>ObjectId</maml:name> <maml:description> <maml:para>Specifies the ID of a user (as a UserPrincipalName or ObjectId) in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-- Example 1: Get the group membership of a group for a user --</maml:title> <dev:code>Connect-Entra -Scopes 'Application.Read.All' $myGroup = Get-EntraGroup -Filter "DisplayName eq '<Group-DisplayName>'" $UserId = 'SawyerM@contoso.com' $groups = New-Object Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck $groups.GroupIds = $myGroup.Id Select-EntraGroupIdsUserIsMemberOf -ObjectId 'SawyerM@contoso.com' -GroupIdsForMembershipCheck $groups aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb</dev:code> <dev:remarks> <maml:para>This example retrieves the group membership of a group for a user.</maml:para> <maml:para>- `-ObjectId` parameter specifies the object Id of a user(as a UserPrincipalName or ObjectId).</maml:para> <maml:para>- `-GroupIdsForMembershipCheck` parameter specifies the group Object Ids.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Select-EntraGroupIdsUserIsMemberOf</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Set-EntraGroup</command:name> <command:verb>Set</command:verb> <command:noun>EntraGroup</command:noun> <maml:description> <maml:para>Sets the properties for an existing Microsoft Entra ID group.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Set-EntraGroup` cmdlet sets the properties for an existing Microsoft Entra ID group. Specify the `GroupId` parameter to set the properties for an existing Microsoft Entra ID group.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Set-EntraGroup</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Description</maml:name> <maml:description> <maml:para>Specifies a description for the group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>DisplayName</maml:name> <maml:description> <maml:para>Specifies a display name for the group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupTypes</maml:name> <maml:description> <maml:para>Specifies that the group is a dynamic group. To create a dynamic group, specify a value of DynamicMembership.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Collections.Generic.List`1[System.String]</command:parameterValue> <dev:type> <maml:name>System.Collections.Generic.List`1[System.String]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the object ID of a group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>MailEnabled</maml:name> <maml:description> <maml:para>Indicates whether this group is mail enabled.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>MailNickname</maml:name> <maml:description> <maml:para>Specifies a mail nickname for the group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>SecurityEnabled</maml:name> <maml:description> <maml:para>Indicates whether the group is security enabled.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Visibility</maml:name> <maml:description> <maml:para>Specifies the visibility of the group's content and members list. This parameter can take one of the following values:</maml:para> <maml:para>* "Public": Anyone can view the contents of the group.</maml:para> <maml:para>* "Private": Only members can view the content of the group.</maml:para> <maml:para>* "HiddenMembership": Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator, and Helpdesk Administrators can view the members list of the group.</maml:para> <maml:para></maml:para> <maml:para>If no value is provided, the default value is "Public."</maml:para> <maml:para>Notes:</maml:para> <maml:para>* This parameter is only valid for groups that have the groupType set to "Unified."</maml:para> <maml:para>* If a group has this attribute set to "HiddenMembership," it can't be changed later.</maml:para> <maml:para>* Anyone can join a group that has this attribute set to "Public." If the attribute is set to Private or HiddenMembership, only owner can add new members to the group and requests to join the group need approval of the owner.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>IsAssignableToRole</maml:name> <maml:description> <maml:para>This property can only be set at the time of group creation and can't be modified on an existing group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Description</maml:name> <maml:description> <maml:para>Specifies a description for the group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>DisplayName</maml:name> <maml:description> <maml:para>Specifies a display name for the group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupTypes</maml:name> <maml:description> <maml:para>Specifies that the group is a dynamic group. To create a dynamic group, specify a value of DynamicMembership.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Collections.Generic.List`1[System.String]</command:parameterValue> <dev:type> <maml:name>System.Collections.Generic.List`1[System.String]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupId</maml:name> <maml:description> <maml:para>Specifies the object ID of a group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>MailEnabled</maml:name> <maml:description> <maml:para>Indicates whether this group is mail enabled.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>MailNickname</maml:name> <maml:description> <maml:para>Specifies a mail nickname for the group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>SecurityEnabled</maml:name> <maml:description> <maml:para>Indicates whether the group is security enabled.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Visibility</maml:name> <maml:description> <maml:para>Specifies the visibility of the group's content and members list. This parameter can take one of the following values:</maml:para> <maml:para>* "Public": Anyone can view the contents of the group.</maml:para> <maml:para>* "Private": Only members can view the content of the group.</maml:para> <maml:para>* "HiddenMembership": Only members can view the content of the group and only members, owners, Global/Company Administrator, User Administrator, and Helpdesk Administrators can view the members list of the group.</maml:para> <maml:para></maml:para> <maml:para>If no value is provided, the default value is "Public."</maml:para> <maml:para>Notes:</maml:para> <maml:para>* This parameter is only valid for groups that have the groupType set to "Unified."</maml:para> <maml:para>* If a group has this attribute set to "HiddenMembership," it can't be changed later.</maml:para> <maml:para>* Anyone can join a group that has this attribute set to "Public." If the attribute is set to Private or HiddenMembership, only owner can add new members to the group and requests to join the group need approval of the owner.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>IsAssignableToRole</maml:name> <maml:description> <maml:para>This property can only be set at the time of group creation and can't be modified on an existing group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Boolean</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>------------ Example 1: Update a group display name ------------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All' $group = Get-EntraGroup -Filter "displayName eq 'HelpDesk Team Leaders'" Set-EntraGroup -GroupId $group.Id -DisplayName 'Global HelpDesk Team Leaders'</dev:code> <dev:remarks> <maml:para>This command updates the display name of a specified group in Microsoft Entra ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>------------ Example 2: Update a group description ------------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All' Get-EntraGroup -Filter "displayName eq 'HelpDesk Team Leaders'" | Set-EntraGroup -Description 'HelpDesk Team Leaders Global'</dev:code> <dev:remarks> <maml:para>This example demonstrates how to update a group description. </maml:para> </dev:remarks> </command:example> <command:example> <maml:title>----------- Example 3: Update a group mail nickname -----------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All' $group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" Set-EntraGroup -GroupId $group.Id -MailNickName 'newnickname'</dev:code> <dev:remarks> <maml:para>This command updates the mail nickname of a specified group in Microsoft Entra ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- Example 4: Update a group security enabled ----------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All' $group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" Set-EntraGroup -GroupId $group.Id -SecurityEnabled $True</dev:code> <dev:remarks> <maml:para>This command updates the security enabled of a specified group in Microsoft Entra ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>------------ Example 5: Update a group mail enabled ------------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All' $group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" Set-EntraGroup -GroupId $group.Id -MailEnabled $False</dev:code> <dev:remarks> <maml:para>This example demonstrates how to update a group main enabled. </maml:para> </dev:remarks> </command:example> <command:example> <maml:title>----------- Example 6: Update a property for a group -----------</maml:title> <dev:code>Connect-Entra -Scopes 'Group.ReadWrite.All' $group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" Set-EntraGroup -GroupId $group.Id -Visibility 'Private' -GroupTypes 'DynamicMembership' -IsAssignableToRole $True</dev:code> <dev:remarks> <maml:para>This example demonstrates how to update a property for an existing Microsoft Entra ID group. </maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraGroup</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Set-EntraGroupLifecyclePolicy</command:name> <command:verb>Set</command:verb> <command:noun>EntraGroupLifecyclePolicy</command:noun> <maml:description> <maml:para>Updates a specific group Lifecycle Policy in Microsoft Entra ID.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Set-EntraGroupLifecyclePolicy` command updates a specific group Lifecycle Policy in Microsoft Entra ID.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Set-EntraGroupLifecyclePolicy</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>AlternateNotificationEmails</maml:name> <maml:description> <maml:para>Notification emails for groups that have no owners are sent to these email addresses. List of email addresses separated by a ";".</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupLifetimeInDays</maml:name> <maml:description> <maml:para>The number of days a group can exist before it needs to be renewed.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupLifecyclePolicyId</maml:name> <maml:description> <maml:para>Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ManagedGroupTypes</maml:name> <maml:description> <maml:para>Allows the admin to select which office 365 groups the policy applies to.</maml:para> <maml:para>- "None" will create the policy in a disabled state.</maml:para> <maml:para>- "All" will apply the policy to every Office 365 group in the tenant.</maml:para> <maml:para>- "Selected" will allow the admin to choose specific Office 365 groups that the policy applies to.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>AlternateNotificationEmails</maml:name> <maml:description> <maml:para>Notification emails for groups that have no owners are sent to these email addresses. List of email addresses separated by a ";".</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>GroupLifetimeInDays</maml:name> <maml:description> <maml:para>The number of days a group can exist before it needs to be renewed.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Int32</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName, ByValue)" position="named" aliases="Id"> <maml:name>GroupLifecyclePolicyId</maml:name> <maml:description> <maml:para>Specifies the ID of a groupLifecyclePolicies object in Microsoft Entra ID.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ManagedGroupTypes</maml:name> <maml:description> <maml:para>Allows the admin to select which office 365 groups the policy applies to.</maml:para> <maml:para>- "None" will create the policy in a disabled state.</maml:para> <maml:para>- "All" will apply the policy to every Office 365 group in the tenant.</maml:para> <maml:para>- "Selected" will allow the admin to choose specific Office 365 groups that the policy applies to.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>---------- Example 1: Updates group lifecycle policy ----------</maml:title> <dev:code>Connect-Entra -Scopes 'Directory.ReadWrite.All' $policy = Get-EntraGroupLifecyclePolicy | Where-Object {$_.AlternateNotificationEmails -eq 'example@contoso.com'} Set-EntraGroupLifecyclePolicy -GroupLifecyclePolicyId $policy.Id -GroupLifetimeInDays 200 -AlternateNotificationEmails 'example@contoso.com' -ManagedGroupTypes 'All' Id AlternateNotificationEmails GroupLifetimeInDays ManagedGroupTypes -- --------------------------- ------------------- ----------------- ffffffff-5555-6666-7777-aaaaaaaaaaaa example@contoso.com 200 All</dev:code> <dev:remarks> <maml:para>This example updates the specified groupLifecyclePolicy in Microsoft Entra ID.</maml:para> <maml:para>- `-GroupLifecyclePolicyId` parameter specifies the ID of the Lifecycle Policy to be modified.</maml:para> <maml:para>- `-GroupLifetimeInDays` parameter specifies the lifetime of the groups in the policy to 200 days. The GroupLifetimeInDays represents the number of days before a group expires and needs to be renewed. Once renewed, the group expiration is extended by the number of days defined.</maml:para> <maml:para>- `-AlternateNotificationEmails` parameter specifies the email address that receives notifications about the policy. Multiple email address can be defined by separating email address with a semicolon.</maml:para> <maml:para>- `-ManagedGroupTypes` parameter specifies which office 365 groups the policy applies to. Possible values are `All`, `Selected`, or `None`. In this case, 'All' suggests that the policy manages all types of groups.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Online Version:</maml:linkText> <maml:uri>https://learn.microsoft.com/powershell/module/Microsoft.Entra/Set-EntraGroupLifecyclePolicy</maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraGroupLifecyclePolicy</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraGroupLifecyclePolicy</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraGroupLifecyclePolicy</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> </helpItems> |