none
First attempt at a recursive script-- to pull nested memberships of an Azure AD group. RRS feed

  • Question

  •  Function Get-RecursiveAzureAdMembership{
    [cmdletbinding()]
    param(
       [parameter(Mandatory=$True,ValueFromPipeline=$true)]
       $GroupID
    ) 
    Begin{
    $GroupIdentified = Get-AzureADGroup -ObjectId $GroupID.ObjectID
    
    $Groupname = $GroupIdentified.displayname
    $filename= 'c:\ScriptOut\' + $Groupname + '.csv'
    }
    Process {
    $GroupMembers = Get-MsolGroupMember -GroupObjectId $GroupIdentified.ObjectID -all
    
    $NestedGroups =  $GroupMembers | Where-Object{$_.GroupMemberType -eq 'Group'}
    If($GroupMembers | Where-Object {$_.GroupMemberType -eq 'Group'}){$NestedGroups += $GroupMembers | Where-Object{$_.GroupMemberType -eq 'Group'} | ForEach-Object { Get-RecursiveAzureAdMembership -GroupID $_.ObjectID}
    }
    }
     end {
            Return $GroupMembers | Out-GridView
        }
    }
    
    

    Above is the code I have currently, and the group with an member/nested group being used to search does show in the result, but the member of that group does not populate in the results. I get 3 different errors when I run this code

    Get-AzureADGroup : Cannot bind argument to parameter 'ObjectId' because it is null.
    At line:8 char:47
    + $GroupIdentified = Get-AzureADGroup -ObjectId $GroupID.ObjectID
    +                                               ~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidData: (:) [Get-AzureADGroup], ParameterBindingValidationException
        + FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Microsoft.Open.AzureAD16.PowerShell.GetGro 
       up
     
    Get-MsolGroupMember : Cannot bind parameter 'GroupObjectId' to the target. Exception setting "GroupObjectId": "Cannot 
    convert null to type "System.Guid"."
    At line:14 char:52
    + ... s = Get-MsolGroupMember -GroupObjectId $GroupIdentified.ObjectID -all
    +                                            ~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : WriteError: (:) [Get-MsolGroupMember], ParameterBindingException
        + FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.Online.Administration.Automation.GetGroupMember
     
    Method invocation failed because [Microsoft.Online.Administration.GroupMember] does not contain a method named 
    'op_Addition'.
    At line:17 char:67
    + ... q 'Group'}){$NestedGroups += $GroupMembers | Where-Object{$_.GroupMem ...
    +                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (op_Addition:String) [], RuntimeException
        + FullyQualifiedErrorId : MethodNotFound
     

    Tuesday, June 18, 2019 10:46 PM

All replies