Adding Transitive parameter to Get-PnPAzureADGroupMember

CHANGELOG.md

@@ -61,6 +61,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 - Added `Get-PnPMicrosoft365Roadmap` which allows retrieval of the Microsoft 365 Roadmap items [#4764](https://github.com/pnp/powershell/pull/4764)
 - Added `-Name` parameter to `Add-PnPApplicationCustomizer` cmdlet to allow for specifying the name of the application customizer [#4767](https://github.com/pnp/powershell/pull/4767)
 - Added `Get-PnPTraceLog` cmdlet which allows reading from the detailed in memory logs of the PnP PowerShell cmdlet execution [#4794](https://github.com/pnp/powershell/pull/4794)
+- Added `-Transitive` parameter to `Get-PnPAzureADGroupMember` cmdlet to allow members of groups inside groups to be retrieved [#4799](https://github.com/pnp/powershell/pull/4799)
 
 ### Changed
 
@@ -143,6 +144,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 
 ### Contributors
 
+- [PitSysAdmin]
 - Abhijeet Jadhav [TekExpo]
 - [abwlodar]
 - [jgfgoncalves]

documentation/Get-PnPAzureADGroupMember.md

@@ -15,17 +15,17 @@ title: Get-PnPAzureADGroupMember
 
   * Microsoft Graph API : One of Directory.Read.All, Directory.ReadWrite.All, Group.Read.All, Group.ReadWrite.All, GroupMember.Read.All, GroupMember.ReadWrite.All, User.Read.All, User.ReadWrite.All
 
-Gets members of a particular Azure Active Directory group. This can be a security, distribution or Microsoft 365 group.
+Gets members of a particular Entra ID group. This can be a security, distribution or Microsoft 365 group.
 
 ## SYNTAX
 
 ```powershell
-Get-PnPAzureADGroupMember -Identity <AzureADGroupPipeBind> [-Connection <PnPConnection>]
+Get-PnPAzureADGroupMember -Identity <AzureADGroupPipeBind> [-Connection <PnPConnection>] [-Transitive]
 ```
 
 ## DESCRIPTION
 
-Allows to list members from given Azure Active Directory group. This can be a security, distribution or Microsoft 365 group.
+Allows to list members from given Entra ID group. This can be a security, distribution or Microsoft 365 group.
 
 ## EXAMPLES
 
@@ -34,19 +34,26 @@ Allows to list members from given Azure Active Directory group. This can be a se
 Get-PnPAzureADGroupMember -Identity $groupId
 ```
 
-Retrieves all the members of a specific Azure Active Directory group based on its ID.
+Retrieves all the direct members of a specific Entra ID group based on its ID.
 
 ### EXAMPLE 2
 ```powershell
 Get-PnPAzureADGroupMember -Identity $group
 ```
 
-Retrieves all the members of a specific Azure Active Directory group based on the group's object instance.
+Retrieves all the direct members of a specific Entra ID group based on the group's object instance.
+
+### EXAMPLE 3
+```powershell
+Get-PnPAzureADGroupMember -Identity $group -Transitive
+```
+
+Retrieves all the direct and transitive members (members of groups inside groups) of a specific Entra ID group based on the group's object instance.
 
 ## PARAMETERS
 
 ### -Identity
-The Identity of the Azure Active Directory group.
+The Identity of the Entra ID group.
 
 ```yaml
 Type: AzureADGroupPipeBind
@@ -73,6 +80,20 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -Transitive
+If provided, the direct and transitive members (members of groups in the group) of a group will be returned. If not provided, only the members directly assigned to the group will be returned.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ## RELATED LINKS
 
 [Microsoft 365 Patterns and Practices](https://aka.ms/m365pnp)

src/Commands/AzureAD/GetAzureADGroupMember.cs

@@ -18,6 +18,9 @@ public class GetAzureADGroupMember : PnPGraphCmdlet
         [Parameter(Mandatory = true, ValueFromPipeline = true)]
         public AzureADGroupPipeBind Identity;
 
+        [Parameter(Mandatory = false, ValueFromPipeline = false)]
+        public SwitchParameter Transitive;
+
         protected override void ExecuteCmdlet()
         {
             Group group = null;
@@ -30,8 +33,11 @@ protected override void ExecuteCmdlet()
             if (group != null)
             {
                 // Get members of the group
-                var members = Microsoft365GroupsUtility.GetMembers(GraphRequestHelper, new Guid(group.Id));
-                WriteObject(members?.OrderBy(m => m.DisplayName), true);
+                var members = Transitive
+                    ? Microsoft365GroupsUtility.GetTransitiveMembers(GraphRequestHelper, new Guid(group.Id))
+                    : Microsoft365GroupsUtility.GetMembers(GraphRequestHelper, new Guid(group.Id));
+                    WriteObject(members?.OrderBy(m => m.DisplayName), true);
+
             }
         }
     }

src/Commands/Utilities/Microsoft365GroupsUtility.cs

@@ -389,6 +389,11 @@ internal static IEnumerable<Microsoft365User> GetMembers(ApiRequestHelper reques
         {
             return GetGroupMembers(requestHelper, "members", groupId);
         }
+
+        internal static IEnumerable<Microsoft365User> GetTransitiveMembers(ApiRequestHelper requestHelper, Guid groupId)
+        {
+            return GetGroupMembers(requestHelper, "transitiveMembers", groupId);
+        }
 
         private static IEnumerable<Microsoft365User> GetGroupMembers(ApiRequestHelper requestHelper, string userType, Guid groupId)
         {