diff --git a/CHANGELOG.md b/CHANGELOG.md index 989c58b82..9c76687da 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -61,6 +61,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). - Added `Get-PnPMicrosoft365Roadmap` which allows retrieval of the Microsoft 365 Roadmap items [#4764](https://github.com/pnp/powershell/pull/4764) - Added `-Name` parameter to `Add-PnPApplicationCustomizer` cmdlet to allow for specifying the name of the application customizer [#4767](https://github.com/pnp/powershell/pull/4767) - Added `Get-PnPTraceLog` cmdlet which allows reading from the detailed in memory logs of the PnP PowerShell cmdlet execution [#4794](https://github.com/pnp/powershell/pull/4794) +- Added `-Transitive` parameter to `Get-PnPAzureADGroupMember` cmdlet to allow members of groups inside groups to be retrieved [#4799](https://github.com/pnp/powershell/pull/4799) ### Changed @@ -143,6 +144,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). ### Contributors +- [PitSysAdmin] - Abhijeet Jadhav [TekExpo] - [abwlodar] - [jgfgoncalves] diff --git a/documentation/Get-PnPAzureADGroupMember.md b/documentation/Get-PnPAzureADGroupMember.md index fdc75fd42..fd1999d67 100644 --- a/documentation/Get-PnPAzureADGroupMember.md +++ b/documentation/Get-PnPAzureADGroupMember.md @@ -15,17 +15,17 @@ title: Get-PnPAzureADGroupMember * Microsoft Graph API : One of Directory.Read.All, Directory.ReadWrite.All, Group.Read.All, Group.ReadWrite.All, GroupMember.Read.All, GroupMember.ReadWrite.All, User.Read.All, User.ReadWrite.All -Gets members of a particular Azure Active Directory group. This can be a security, distribution or Microsoft 365 group. +Gets members of a particular Entra ID group. This can be a security, distribution or Microsoft 365 group. ## SYNTAX ```powershell -Get-PnPAzureADGroupMember -Identity [-Connection ] +Get-PnPAzureADGroupMember -Identity [-Connection ] [-Transitive] ``` ## DESCRIPTION -Allows to list members from given Azure Active Directory group. This can be a security, distribution or Microsoft 365 group. +Allows to list members from given Entra ID group. This can be a security, distribution or Microsoft 365 group. ## EXAMPLES @@ -34,19 +34,26 @@ Allows to list members from given Azure Active Directory group. This can be a se Get-PnPAzureADGroupMember -Identity $groupId ``` -Retrieves all the members of a specific Azure Active Directory group based on its ID. +Retrieves all the direct members of a specific Entra ID group based on its ID. ### EXAMPLE 2 ```powershell Get-PnPAzureADGroupMember -Identity $group ``` -Retrieves all the members of a specific Azure Active Directory group based on the group's object instance. +Retrieves all the direct members of a specific Entra ID group based on the group's object instance. + +### EXAMPLE 3 +```powershell +Get-PnPAzureADGroupMember -Identity $group -Transitive +``` + +Retrieves all the direct and transitive members (members of groups inside groups) of a specific Entra ID group based on the group's object instance. ## PARAMETERS ### -Identity -The Identity of the Azure Active Directory group. +The Identity of the Entra ID group. ```yaml Type: AzureADGroupPipeBind @@ -73,6 +80,20 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -Transitive +If provided, the direct and transitive members (members of groups in the group) of a group will be returned. If not provided, only the members directly assigned to the group will be returned. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) + +Required: False +Position: Named +Default value: False +Accept pipeline input: False +Accept wildcard characters: False +``` + ## RELATED LINKS [Microsoft 365 Patterns and Practices](https://aka.ms/m365pnp) \ No newline at end of file diff --git a/src/Commands/AzureAD/GetAzureADGroupMember.cs b/src/Commands/AzureAD/GetAzureADGroupMember.cs index f2cd3c140..cedd5f224 100644 --- a/src/Commands/AzureAD/GetAzureADGroupMember.cs +++ b/src/Commands/AzureAD/GetAzureADGroupMember.cs @@ -18,6 +18,9 @@ public class GetAzureADGroupMember : PnPGraphCmdlet [Parameter(Mandatory = true, ValueFromPipeline = true)] public AzureADGroupPipeBind Identity; + [Parameter(Mandatory = false, ValueFromPipeline = false)] + public SwitchParameter Transitive; + protected override void ExecuteCmdlet() { Group group = null; @@ -30,8 +33,11 @@ protected override void ExecuteCmdlet() if (group != null) { // Get members of the group - var members = Microsoft365GroupsUtility.GetMembers(GraphRequestHelper, new Guid(group.Id)); - WriteObject(members?.OrderBy(m => m.DisplayName), true); + var members = Transitive + ? Microsoft365GroupsUtility.GetTransitiveMembers(GraphRequestHelper, new Guid(group.Id)) + : Microsoft365GroupsUtility.GetMembers(GraphRequestHelper, new Guid(group.Id)); + WriteObject(members?.OrderBy(m => m.DisplayName), true); + } } } diff --git a/src/Commands/Utilities/Microsoft365GroupsUtility.cs b/src/Commands/Utilities/Microsoft365GroupsUtility.cs index 3c8cafff1..648897129 100644 --- a/src/Commands/Utilities/Microsoft365GroupsUtility.cs +++ b/src/Commands/Utilities/Microsoft365GroupsUtility.cs @@ -389,6 +389,11 @@ internal static IEnumerable GetMembers(ApiRequestHelper reques { return GetGroupMembers(requestHelper, "members", groupId); } + + internal static IEnumerable GetTransitiveMembers(ApiRequestHelper requestHelper, Guid groupId) + { + return GetGroupMembers(requestHelper, "transitiveMembers", groupId); + } private static IEnumerable GetGroupMembers(ApiRequestHelper requestHelper, string userType, Guid groupId) {