We manage several enterprise Azure AD applications that grant access to both internal users and external guest accounts. Frequently, we receive bulk requests to add guest accounts into Azure AD groups. To streamline this process and reduce manual effort, we developed a script that automates the addition of guest accounts to the required groups.
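# Bulk-add guest accounts to one Azure AD group (AzureAD PowerShell module).
# Input: a plain text file with one e-mail address per line (not a CSV).
# Group membership is what grants access to the applications, so every address
# that is skipped or fails is reported instead of being silently ignored.

# Optional: force TLS 1.2 on hosts that do not negotiate it by default.
#[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;
# Connect to Azure AD (uncomment when no session is open yet)
#Connect-AzureAD

# Read the addresses; trim whitespace and drop blank lines so an empty line
# never turns into a "Mail eq ''" lookup.
$Users = @(Get-Content "C:\temp\kumar\users.txt" | ForEach-Object { $_.Trim() } | Where-Object { $_ })

# Specify the group (the ObjectId below is the placeholder used on this page).
# Stop here if the group cannot be resolved; otherwise every add below would fail.
$Group = Get-AzureADGroup -ObjectId abcdef-xyx-123 -ErrorAction Stop

# Add each user to the group
foreach ($User in $Users) {
    # Double any apostrophe so the address stays inside the OData string literal
    # and cannot change the meaning of the filter.
    $escapedMail = $User.Replace("'", "''")

    try {
        $found = @(Get-AzureADUser -Filter "Mail eq '$escapedMail'" -ErrorAction Stop)
    }
    catch {
        Write-Warning "Lookup failed for ${User}: $($_.Exception.Message)"
        continue
    }

    if ($found.Count -eq 0) {
        Write-Warning "No Azure AD user with mail ${User}; skipped"
        continue
    }
    if ($found.Count -gt 1) {
        # Never guess which account was meant when the address is not unique.
        Write-Warning "$($found.Count) accounts share mail ${User}; skipped, resolve manually"
        continue
    }

    $userObjectId = $found[0].ObjectId
    try {
        Add-AzureADGroupMember -ObjectId $Group.ObjectId -RefObjectId $userObjectId -ErrorAction Stop
        # Printed only after the add succeeded.
        Write-Host "WIP $User"
    }
    catch {
        # Includes the "already a member" case; report it and carry on with the next address.
        Write-Warning "Could not add ${User}: $($_.Exception.Message)"
    }
}
# Single-address lookup, handy for troubleshooting one entry:
#$userObjectId = (Get-AzureADUser -Filter "Mail eq 'abc@xyz.com'").ObjectID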