AzureAD Module Group Management

#   ////////////////////////////
#  // Create Azure AD Group  
# ////////////////////////////

New-AzureADGroup -DisplayName "Accounting Full Rights" -Description "Used for Account NTFS Full Rights" -MailEnabled $false -SecurityEnabled $true -MailNickName "NotSet"

 

#  ////////////////////////////
#  // Modify Azure AD Group 
# ///////////////////////////

Get-AzureADGroup -SearchString "Accounting Full Rights" | Set-AzureADGroup -Description "Used for Accounting Full Rights"

 

#   //////////////////////////////////////
#  //   Add User to Azure AD Group    
# //////////////////////////////////////

# Get User Account
$UserAccount=Get-AzureADUser | Where{$_.UserPrincipalName -like "Shead@*"} | Select givenname,surname, DisplayName, AccountEnabled, ObjectID

# Get Azure AD Group Object ID 
$Group_ObjectID=Get-AzureADGroup -SearchString "Accounting Full Rights" | Select -ExpandProperty ObjectID  

# Add User to Azure AD Group 
Add-AzureADGroupMember -objectID $Group_ObjectID  -RefObjectId $UserAccount.ObjectID

# Follow up and Check Group Membership 
Get-AzureADGroupMember -ObjectId $Group_ObjectID 

 


#   //////////////////////////////////////
#  // Remove user from Azure AD Group  
# //////////////////////////////////////

Remove-AzureADGroupMember -ObjectId $Group_ObjectID -MemberId $UserAccount.ObjectID

# Follow up and Check Group Membership 
Get-AzureADGroupMember -ObjectId $Group_ObjectID