From 7b24f469c270fa6559c7cf87c50bf9fc802d180c Mon Sep 17 00:00:00 2001 From: AdminDroid <49208841+admindroid-community@users.noreply.github.com> Date: Tue, 25 Apr 2023 13:10:33 +0530 Subject: [PATCH] Export Microsoft 365 Group Report with MS Graph Export Microsoft 365 Group Report with MS Graph --- .../M365GroupReport.ps1 | 404 ++++++++++-------- 1 file changed, 228 insertions(+), 176 deletions(-) diff --git a/Microsoft 365 Group Report/M365GroupReport.ps1 b/Microsoft 365 Group Report/M365GroupReport.ps1 index 061132b..2d488f6 100644 --- a/Microsoft 365 Group Report/M365GroupReport.ps1 +++ b/Microsoft 365 Group Report/M365GroupReport.ps1 @@ -18,197 +18,249 @@ Param [switch]$MailEnabledSecurity, [Switch]$IsEmpty, [Int]$MinGroupMembersCount, - [string]$UserName, - [string]$Password + [string]$TenantId, + [string]$ClientId, + [string]$CertificateThumbprint ) Function Get_members { - $DisplayName=$_.DisplayName - Write-Progress -Activity "`n Processed Group count: $Count "`n" Getting members of: $DisplayName" - $EmailAddress=$_.EmailAddress - $GroupType=$_.GroupType - $ObjectId=$_.ObjectId - $Recipient="" - $RecipientHash=@{} - for($KeyIndex = 0; $KeyIndex -lt $RecipientTypeArray.Length; $KeyIndex += 2) - { - $key=$RecipientTypeArray[$KeyIndex] - $Value=$RecipientTypeArray[$KeyIndex+1] - $RecipientHash.Add($key,$Value) - } - $Members=Get-MsolGroupMember -All -GroupObjectId $ObjectId - $MembersCount=$Members.Count - - #Filter for security group - if(($Security.IsPresent) -and ($GroupType -ne "Security")) - { - Return - } - - #Filter for Distribution list - if(($DistributionList.IsPresent) -and ($GroupType -ne "DistributionList")) - { - Return - } - - #Filter for mail enabled security group - if(($MailEnabledSecurity.IsPresent) -and ($GroupType -ne "MailEnabledSecurity")) - { - Return - } - - #GroupSize Filter - if(([int]$MinGroupMembersCount -ne "") -and ($MembersCount -lt [int]$MinGroupMembersCount)) - { - Return - } - #Check for Empty Group - elseif($MembersCount -eq 0) - { - $MemberName="No Members" - $MemberEmail="-" - $RecipientTypeDetail="-" - Print_Output - } - - #Loop through each member in a group - else - { - foreach($Member in $Members) - { - if($IsEmpty.IsPresent) - { - return - } - $MemberName=$Member.DisplayName - $MemberType=$Member.GroupMemberType - $MemberEmail=$Member.EmailAddress - if($MemberEmail -eq "") - { - $MemberEmail="-" - } - #Get Counts by RecipientTypeDetail - foreach($key in [object[]]$Recipienthash.Keys) - { - if(($MemberType -eq $key) -eq "true") + $DisplayName=$_.DisplayName + Write-Progress -Activity "`n Processed Group count: $Count "`n" Getting members of: $DisplayName" + $EmailAddress=$_.Mail + if($_.GroupTypes -eq "Unified") { - [int]$RecipientHash[$key]+=1 + $GroupType="Microsoft 365" + } + elseif($_.Mail -ne $null) + { + if($_.SecurityEnabled -eq $false) + { + $GroupType="DistributionList" + } + else + { + $GroupType="MailEnabledSecurity" + } + } + else + { + $GroupType="Security" + } + $GroupId=$_.Id + $Recipient="" + $RecipientHash=@{} + for($KeyIndex = 0; $KeyIndex -lt $RecipientTypeArray.Length; $KeyIndex += 2) + { + $key=$RecipientTypeArray[$KeyIndex] + $Value=$RecipientTypeArray[$KeyIndex+1] + $RecipientHash.Add($key,$Value) + } + $Members=Get-MgGroupMember -All -GroupId $GroupId + $MembersCount=$Members.Count + $Members=$Members.AdditionalProperties + #Filter for security group + if(($Security.IsPresent) -and ($GroupType -ne "Security")) + { + Return + } + + #Filter for Distribution list + if(($DistributionList.IsPresent) -and ($GroupType -ne "DistributionList")) + { + Return + } + + #Filter for mail enabled security group + if(($MailEnabledSecurity.IsPresent) -and ($GroupType -ne "MailEnabledSecurity")) + { + Return + } + + #GroupSize Filter + if(([int]$MinGroupMembersCount -ne "") -and ($MembersCount -lt [int]$MinGroupMembersCount)) + { + Return + } + #Check for Empty Group + elseif($MembersCount -eq 0) + { + $MemberName="No Members" + $MemberEmail="-" + $RecipientTypeDetail="-" + Print_Output + } + #Loop through each member in a group + else + { + foreach($Member in $Members){ + if($IsEmpty.IsPresent) + { + return + } + $MemberName=$Member.displayName + if($Member.'@odata.type' -eq '#microsoft.graph.user') + { + $MemberType="User" + } + elseif($Member.'@odata.type' -eq '#microsoft.graph.group') + { + $MemberType="Group" + } + elseif($Member.'@odata.type' -eq '#microsoft.graph.orgContact') + { + $MemberType="Contact" + } + $MemberEmail=$Member.mail + if($MemberEmail -eq "") + { + $MemberEmail="-" + } + #Get Counts by RecipientTypeDetail + foreach($key in [object[]]$Recipienthash.Keys){ + if(($MemberType -eq $key) -eq "true") + { + [int]$RecipientHash[$key]+=1 + } + } + Print_Output + } } - } - Print_Output - } - } - #Order RecipientTypeDetail based on count - $Hash=@{} - $Hash=$RecipientHash.GetEnumerator() | Sort-Object -Property value -Descending |foreach{ - if([int]$($_.Value) -gt 0 ) - { - if($Recipient -ne "") - { $Recipient+=";"} - $Recipient+=@("$($_.Key) - $($_.Value)") - } - if($Recipient -eq "") - {$Recipient="-"} - } - #Print Summary report - $Result=@{'DisplayName'=$DisplayName;'EmailAddress'=$EmailAddress;'GroupType'=$GroupType;'GroupMembersCount'=$MembersCount;'MembersCountByType'=$Recipient} - $Results= New-Object PSObject -Property $Result - $Results | Select-Object DisplayName,EmailAddress,GroupType,GroupMembersCount,MembersCountByType | Export-Csv -Path $ExportSummaryCSV -Notype -Append + #Order RecipientTypeDetail based on count + $Hash=@{} + $Hash=$RecipientHash.GetEnumerator() | Sort-Object -Property value -Descending |foreach{ + if([int]$($_.Value) -gt 0 ) + { + if($Recipient -ne "") + { + $Recipient+=";" + } + $Recipient+=@("$($_.Key) - $($_.Value)") + } + if($Recipient -eq "") + { + $Recipient="-" + } + } + #Print Summary report + $Result=@{'DisplayName'=$DisplayName;'EmailAddress'=$EmailAddress;'GroupType'=$GroupType;'GroupMembersCount'=$MembersCount;'MembersCountByType'=$Recipient} + $Results= New-Object PSObject -Property $Result + $Results | Select-Object DisplayName,EmailAddress,GroupType,GroupMembersCount,MembersCountByType | Export-Csv -Path $ExportSummaryCSV -Notype -Append } #Print Detailed Output Function Print_Output { - $Result=@{'GroupName'=$DisplayName;'GroupEmailAddress'=$EmailAddress;'Member'=$MemberName;'MemberEmail'=$MemberEmail;'MemberType'=$MemberType} - $Results= New-Object PSObject -Property $Result - $Results | Select-Object GroupName,GroupEmailAddress,Member,MemberEmail,MemberType | Export-Csv -Path $ExportCSV -Notype -Append + $Result=@{'GroupName'=$DisplayName;'GroupEmailAddress'=$EmailAddress;'Member'=$MemberName;'MemberEmail'=$MemberEmail;'MemberType'=$MemberType} + $Results= New-Object PSObject -Property $Result + $Results | Select-Object GroupName,GroupEmailAddress,Member,MemberEmail,MemberType | Export-Csv -Path $ExportCSV -Notype -Append +} +Function CloseConnection +{ + Disconnect-MgGraph | Out-Null + Exit } - Function main() { - #Check for MSOnline module - $Module=Get-Module -Name MSOnline -ListAvailable - if($Module.count -eq 0) - { - Write-Host MSOnline module is not available -ForegroundColor yellow - $Confirm= Read-Host Are you sure you want to install module? [Y] Yes [N] No - if($Confirm -match "[yY]") - { - Install-Module MSOnline - Import-Module MSOnline - } - else - { - Write-Host MSOnline module is required to connect AzureAD.Please install module using Install-Module MSOnline cmdlet. - Exit - } - } - Write-Host Connecting to Office 365... - #Storing credential in script for scheduling purpose/ Passing credential as parameter - if(($UserName -ne "") -and ($Password -ne "")) - { - $SecuredPassword = ConvertTo-SecureString -AsPlainText $Password -Force - $Credential = New-Object System.Management.Automation.PSCredential $UserName,$SecuredPassword - Connect-MsolService -Credential $credential - } - else - { - Connect-MsolService | Out-Null - } - - #Set output file - $ExportCSV=".\M365Group-DetailedMembersReport_$((Get-Date -format yyyy-MMM-dd-ddd` hh-mm` tt).ToString()).csv" #Detailed report - $ExportSummaryCSV=".\M365Group-SummaryReport_$((Get-Date -format yyyy-MMM-dd-ddd` hh-mm` tt).ToString()).csv" #Summary report + #Check for MSOnline module + $MsGraphModule = Get-Module Microsoft.Graph -ListAvailable + if($MsGraphModule -eq $null) + { + Write-host "Important: MicrosoftGraph module is unavailable. It is mandatory to have this module installed in the system to run the script successfully." + $confirm= Read-Host Are you sure you want to install module? [Y] Yes [N] No + if($confirm -match "[yY]") + { + Write-host "Installing MicrosoftGraph module..." + Install-Module Microsoft.Graph -Repository PsGallery -Force -AllowClobber -Scope CurrentUser + Write-host "Required Module is installed in the machine Successfully" -ForegroundColor Magenta + } + else + { + Write-host "Exiting. `nNote: MsGraph module must be available in your system to run the script. Please install required module." -ForegroundColor Red + Exit + } + } + Write-Host "Connecting to Microsoft Graph..." + $Scopes = @( + "Group.Read.All" + ) + #Storing credential in script for scheduling purpose/ Passing credential as parameter + $Error.Clear() + if(($TenantId -ne "") -and ($ClientId -ne "") -and ($CertificateThumbprint -ne "")) + { + try + { + Connect-MgGraph -TenantId $TenantId -AppId $ClientId -CertificateThumbprint $CertificateThumbprint + } + catch + { + Write-Host "Please provide Correct Details!" -ForegroundColor Red + Exit + } + } + else + { + Connect-MgGraph -Scopes $Scopes + } + Write-Host "Microsoft graph connected" -ForegroundColor Green + #Set output file + $ExportCSV=".\M365Group-DetailedMembersReport_$((Get-Date -format yyyy-MMM-dd-ddd` hh-mm` tt).ToString()).csv" #Detailed report + $ExportSummaryCSV=".\M365Group-SummaryReport_$((Get-Date -format yyyy-MMM-dd-ddd` hh-mm` tt).ToString()).csv" #Summary report - #Get a list of RecipientTypeDetail - $RecipientTypeArray=Get-Content -Path .\RecipientTypeDetails.txt -ErrorAction Stop - $Result="" - $Results=@() - $Count=0 + #Get a list of RecipientTypeDetail + $RecipientTypeArray=Get-Content -Path .\RecipientTypeDetails.txt -ErrorAction Stop + $Result="" + $Results=@() + $Count=0 + Write-Progress -Activity "Collecting group info" + #Check for input file + if([string]$GroupIDsFile -ne "") + { + #We have an input file, read it into memory + $DG=@() + $DG=Import-Csv -Header "DisplayName" $GroupIDsFile + foreach($item in $DG){ + Get-MgGroup -GroupId $item.displayname | Foreach{ + $Count++ + Get_Members + } + } + } + else + { + #Get all Office 365 group + Get-MgGroup -All -ErrorAction SilentlyContinue -ErrorVariable PermissionError| Foreach{ + $Count++ + Get_Members + } + if($PermissionError) + { + Write-Host "Please Add permissions!" -ForegroundColor Red + CloseConnection + } + } - #Check for input file - if([string]$GroupIDsFile -ne "") - { - #We have an input file, read it into memory - $DG=@() - $DG=Import-Csv -Header "DisplayName" $GroupIDsFile - foreach($item in $DG) - { - Get-MsolGroup -ObjectId $item.displayname | Foreach{ - $Count++ - Get_Members} - - } - } - else - { - #Get all Office 365 group - Get-MsolGroup -All | Foreach{ - $Count++ - Get_Members - } - } - - #Open output file after execution - Write-Host `nScript executed successfully - if((Test-Path -Path $ExportCSV) -eq "True") - { - Write-Host Detailed report available in: $ExportCSV - Write-host Summary report available in: $ExportSummaryCSV - $Prompt = New-Object -ComObject wscript.shell - $UserInput = $Prompt.popup("Do you want to open output file?",` - 0,"Open Output File",4) - If ($UserInput -eq 6) - { - Invoke-Item "$ExportCSV" - Invoke-Item "$ExportSummaryCSV" - } - } - Else - { - Write-Host No Group found. - } + #Open output file after execution + Write-Host "Script executed successfully" -ForegroundColor Green + if((Test-Path -Path $ExportCSV) -eq "True") + { + Write-Host Detailed report available in: $ExportCSV -ForegroundColor Magenta + Write-host Summary report available in: $ExportSummaryCSV -ForegroundColor Magenta + $Prompt = New-Object -ComObject wscript.shell + $UserInput = $Prompt.popup("Do you want to open output file?",` 0,"Open Output File",4) + If ($UserInput -eq 6) + { + Invoke-Item "$ExportCSV" + Invoke-Item "$ExportSummaryCSV" + CloseConnection + } + } + Else + { + Write-Host "No group found" -ForegroundColor Red + CloseConnection + } } - . main \ No newline at end of file +. main +