In this post, I am going to share a Powershell script to get a list of disabled members in Office 365 Groups (aka Microsoft 365 Group). You can get Office 365 group members using the Exchange Online Powershell command Get-UnifiedGroupLinks and find user account status by using the Azure AD Powershell command Get-AzureADUser. In Azure AD environment, the disabled users are nothing but the sign-in access blocked users.
Before start, install the Azure AD PowerShell for Graph and Exchange Online Powershell V2 module.
Run the below commands to connect AzureAD and Exchange Online modules:
#To use Get-AzureADUser cmdlet Connect-AzureAD #To use Get-UnifiedGroupLinks cmdlet Connect-ExchangeOnline
Get a list of disabled members in a given Office 365 group:
$Result=@()
#Replace your group name
$o365Group = "YourO365Group"
$groupMembers = Get-UnifiedGroupLinks -Identity $o365Group -LinkType Members -ResultSize Unlimited
$groupMembers | ForEach-Object {
$memberId = $_.ExternalDirectoryObjectId
$user = Get-AzureADUser -ObjectId $memberId -ErrorAction SilentlyContinue
If ($user -ne $Null)
{
If ($user.AccountEnabled -eq $true) {
$userStatus = "Enabled"
} Else {
$userStatus = "Disabled"
}
$Result += New-Object PSObject -property @{
UserName = $user.DisplayName
UserPrincipalName = $user.UserPrincipalName
AccountStatus = $userStatus
}
}
Else
{
#Write-Host "User not found: $_.DisplayName"
}
}
$Result |Where-Object {$_.AccountStatus -eq "Disabled"} | Select-Object UserName,UserPrincipalName
Export result to CSV file:
You can export disabled Office 365 Group members to CSV file by running below command.
$Result | Where-Object {$_.AccountStatus -eq "Disabled"} |
Select-Object UserName,UserPrincipalName |
Export-CSV "C:\DisabledO365GroupMembers.csv" -NoTypeInformation -Encoding UTF8
Find enabled members alone in Office 365 Group:
Run the below command to list only enabled members in Microsoft 365 group.
$Result | Where-Object {$_.AccountStatus -eq "Enabled"} | Select-Object UserName,UserPrincipalName
Advertisement