-
Notifications
You must be signed in to change notification settings - Fork 0
/
07-04-CreateGroupsEntraID.ps1
88 lines (73 loc) · 3.36 KB
/
07-04-CreateGroupsEntraID.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
#---------------------------------------
#IKKE FERDIG
#---------------------------------------
# Title: Create security groups in Microsoft Entra Identity
# Created: 2024-03-15
# This scrip creates security groups in Microsoft Entra Identity based on a CSV-file with group names
#
# The script uses the Microsoft Graph PowerShell SDK to create the groups
# The script also checks if the groups already exists
# The script uses the New-MgGroup and Get-MgGroup cmdlets
#
# Micorosoft Learn: Groups
# New-MgGroup - https://learn.microsoft.com/en-us/powershell/module/microsoft.graph.groups/new-mggroup?view=graph-powershell-1.0
# Get-MgGroup - https://learn.microsoft.com/en-us/powershell/module/microsoft.graph.groups/get-mggroup?view=graph-powershell-1.0
#
#
$TenantID = "42b38ed3-4451-4a95-a62f-b2250c2683ac" # Remember to change this to your own TenantID
Connect-MgGraph -TenantId $TenantID -Scopes "User.ReadWrite.All", "Group.ReadWrite.All", "Directory.ReadWrite.All", "RoleManagement.ReadWrite.Directory"
# Get the current session details
$Details = Get-MgContext
$Scopes = $Details | Select-Object -ExpandProperty Scopes
$Scopes = $Scopes -join ","
$OrgName = (Get-MgOrganization).DisplayName
""
""
"Microsoft Graph current session details:"
"---------------------------------------"
"Tenant Id = $($Details.TenantId)"
"Client Id = $($Details.ClientId)"
"Org name = $OrgName"
"App Name = $($Details.AppName)"
"Account = $($Details.Account)"
"Scopes = $Scopes"
"---------------------------------------"
# Root folder for the project
$rootFolder = "/Users/melling/git-projects/dcst1005"
$csvfile = "07-00-CSV-groups.csv"
# Variables for groups created and not created
$groupsCreated = @()
$groupsNotCreated = @()
$groupsExists = @()
# Group prefix / suffix
$prefix = "s_" # s_ for security groups, m_ for Microsoft 365 groups etc.
$suffix = "_group"
# Import the CSV-file with users
$groups = Import-Csv -Path "$rootFolder/$csvfile" -Delimiter "," # Remember to put the / \ in the path (depending on OS)
foreach ($group in $groups) {
$group = $prefix + $group.groups + $suffix
$existingGroup = Get-MgGroup -Filter "displayName eq '$group'"
if ($existingGroup) {
Write-Host "Group $group already exists" -ForegroundColor Red
$groupsExists += $group
}
else {
try {
Write-Host "Creating group $group" -ForegroundColor Green
New-MgGroup -DisplayName $group -MailEnabled:$false -MailNickname $group -SecurityEnabled:$true
$groupsCreated += $group
}
catch {
Write-Host "Failed to create group $group" -ForegroundColor Red
$groupsNotCreated += $group
}
}
}
# Convert the array of strings to an array of objects with a 'GroupName' property
$groupsCreatedObjects = $groupsCreated | ForEach-Object { [PSCustomObject]@{GroupName = $_} }
$groupsNotCreatedObjects = $groupsNotCreated | ForEach-Object { [PSCustomObject]@{GroupName = $_} }
$groupsExistsObjects = $groupsExists | ForEach-Object { [PSCustomObject]@{GroupName = $_} }
# Export the results to CSV files
$groupsCreatedObjects | Export-Csv -Path "$rootFolder/groups_created.csv" -NoTypeInformation -Encoding UTF8
$groupsNotCreatedObjects | Export-Csv -Path "$rootFolder/groups_not_created.csv" -NoTypeInformation -Encoding UTF8
$groupsExistsObjects | Export-Csv -Path "$rootFolder/groups_exists.csv" -NoTypeInformation -Encoding UTF8