Find the Entra security groups a colleague is in

05 Feb 2026 🔖 tips
💬 EN

Here’s a little PowerShell script for finding the Microsoft Entra ID security-enabled groups your colleague is in:

Connect-MgGraph -NoWelcome

$properties_of_interest = @('id', 'displayName', 'mailNickname', 'description', 'securityEnabled', 'mailEnabled')
$email_address = (Read-Host "Enter the user's email address")

Get-MgUserMemberOf `
    -UserId $email_address `
    -Property $properties_of_interest `
| Select-Object -Property @(
    @{Name = 'Id'; Expression = { $_.Id } },
    @{Name = 'DisplayName'; Expression = { $_.AdditionalProperties.displayName } },
    @{Name = 'MailNickname'; Expression = { $_.AdditionalProperties.mailNickname } },
    @{Name = 'Description'; Expression = { $_.AdditionalProperties.description } },
    @{Name = 'SecurityEnabled'; Expression = { $_.AdditionalProperties.securityEnabled } },
    @{Name = 'MailEnabled'; Expression = { $_.AdditionalProperties.mailEnabled } }
)
| Where-Object { $_.SecurityEnabled } `
| Sort-Object -Property 'DisplayName' `
| Format-List

Oh, and once you find one of interest, to see who else is in it, so as to get a better idea what it’s “really” for…

$group_display_name = (Read-Host "Enter the group's display name")

(
    Get-MgGroupMember -GroupId ( `
            Get-MgGroup -Filter "displayName eq '$group_display_name'" `
        | Select-Object -Property 'Id' -ExpandProperty 'Id' `
    ) `
) `
| Select-Object -Property @(
    @{Name = 'DisplayName'; Expression = { $_.AdditionalProperties.displayName } },
    @{Name = 'UserPrincipalName'; Expression = { $_.AdditionalProperties.userPrincipalName } }
)
| Sort-Object -Property 'DisplayName' `
| Format-List

Tweet Share on LinkedIn

Previous Post Next Post

--- ---

Salesforce, Python, SQL, & other ways to put your data where you need it

Need event music? 🎸

Find the Entra security groups a colleague is in