Requirement: Remove a user from the Office 365 group using PowerShell.
How to remove a User from Office 365 Group?
Microsoft 365 groups are an essential tool for collaboration and communication within organizations. If you are an Office 365 administrator, there may come a time when you need to remove a user from the group. This article will show you how to remove a user from an Office 365 group using PowerShell and the Azure Active Directory Module for PowerShell. We will also show you how to remove a user from an Office 365 group using the Microsoft 365 Admin Center.
Table of contents
- How to remove a User from Office 365 Group?
- Remove User from Microsoft 365 Group using Microsoft 365 admin center
- How to Remove Group Memberships of a Microsoft 365 User?
- PowerShell to Remove User from Office 365 Group
- Remove Group Member using Microsoft Graph PowerShell
- Remove Office 365 Group Member with Exchange Online PowerShell
- PnP PowerShell to Remove a Member from Office 365 Group
- PnP PowerShell to Remove User from a SharePoint Online Site’s Associated Group
Remove User from Microsoft 365 Group using Microsoft 365 admin center
You can remove members from any Office 365 group through the Microsoft 365 admin center as an admin. Here is how:
- Log in to the Microsoft 365 Admin Center site: https://admin.microsoft.com
- Expand “Teams & Groups” and Click on “Active Teams & Groups” in the left navigation.
- Search and Select the Office 365 group you wish to remove members.
- On the Group Details page, click on the “Members” tab >>Select the users you want to remove.
- Now, you can remove group members by clicking on the “Remove as member” button next to each member. You can also select multiple users and remove them in one click. Similarly, you can click on the “Owners” tab to remove a group owner.
- Hit close once you are done!
How to Remove Group Memberships of a Microsoft 365 User?
Instead of going through Groups, You can proceed through the specific user and remove the group membership. Here is how:
- Open the Admin app in Office 365 >> In the left navigation pane, select Users >> Active users.
- Search for the user you want to remove, select the three dots from the user object, and then select “Manage groups”.
- In the next window, Select the Group(s) you would like to remove and click on the “Remove” button and confirm the prompt.
PowerShell to Remove User from Office 365 Group
A quick and easy way to remove a user from an Office 365 group is to use Azure AD PowerShell. Here is how we can use PowerShell to remove a user from Office 365 group:
#Variables$GroupName = "IT Team"$UserUPN = "[email protected]"#Connect to AzureADConnect-AzureAD -Credential (Get-Credential) #Get the Azure AD Group$AADGroup = Get-AzureADGroup -Filter "DisplayName eq '$GroupName'"#Get the Azure AD User$AADUser = Get-AzureADUser -Filter "UserPrincipalName eq '$UserUPN'"#Remove User from GroupRemove-AzureADGroupMember -ObjectId $AADGroup.ObjectID -MemberId $AADUser.ObjectID
Similarly, You can remove a user from all Office 365 Groups quickly through PowerShell as:
#Variables$UserUPN = "[email protected]"#Connect to AzureADConnect-AzureAD -Credential (Get-Credential) | Out-Null #Get all Azure AD Unified Groups$AADGroups = Get-AzureADMSGroup -Filter "groupTypes/any(c:c eq 'Unified')" -All:$true#Get the Azure AD User$AADUser = Get-AzureADUser -Filter "UserPrincipalName eq '$UserUPN'"#Check each group for the userForEach ($Group in $AADGroups) { $GroupMembers = (Get-AzureADGroupMember -ObjectId $Group.id).UserPrincipalName If ($GroupMembers -contains $UserUPN) { #Remove user from Group Remove-AzureADGroupMember -ObjectId $Group.Id -MemberId $AADUser.ObjectId Write-Output "$UserUPN was removed from $($Group.DisplayName)" }}
How about removing multiple users in Microsoft 365 groups from a CSV file? My CSV file has a “UPN” column with the login IDs of users.
#Variables$CSVFile = "C:\Temp\UserList.csv" #Connect to AzureADConnect-AzureAD -Credential (Get-Credential) | Out-Null #Get all Azure AD Unified Groups$AADGroups = Get-AzureADMSGroup -Filter "groupTypes/any(c:c eq 'Unified')" -All:$true#Iterate through each line in CSVImport-CSV $CSVFile | ForEach-Object { #Get the UPN $UPN = $_.UPN #Get the Azure AD User $AADUser = Get-AzureADUser -Filter "UserPrincipalName eq '$UPN'" #Check each group for the user ForEach ($Group in $AADGroups) { $GroupMembers = (Get-AzureADGroupMember -ObjectId $Group.id).UserPrincipalName If ($GroupMembers -contains $UPN) { #Remove user from Group Remove-AzureADGroupMember -ObjectId $Group.Id -MemberId $AADUser.ObjectId Write-Output "$UPN is removed from Group '$($Group.DisplayName)'" } }}Remove Group Member using Microsoft Graph PowerShell
To remove a member from a Microsoft 365 group using Microsoft Graph PowerShell, you can utilize the Remove-MgGroupMemberByRef cmdlet. This cmdlet allows you to remove a member from a specified Microsoft 365 group. Here is an example of how to achieve this:
#Parameters$UserID = "[email protected]"$GroupName = "Human Resource"#Connect to Microsoft GraphConnect-MgGraph -Scopes Group.ReadWrite.All, User.Read.All#Get the User$User = Get-MgUser -Filter "UserPrincipalName eq '$UserID'"#Get the Group$Group = Get-MgGroup -Filter "DisplayName eq '$GroupName'"#Check if the user is member of the group$Members = Get-MgGroupMember -GroupId $Group.IdIf ($members.Id -contains $User.Id){ #Remove member from the Group Remove-MgGroupMemberByRef -GroupId $Group.Id -DirectoryObjectId $User.ID Write-host -f Green "Removed the User from the Group!"}Else{ Write-host -f Yellow "'$UserID' is not a member of the Group!"}
n this script:
- Replace the value for
$UserIDwith the email address of the user you want to remove from the group. - Replace
'$GroupName'with the name of the group from which you want to remove the user.
Ensure that you have the Microsoft Graph PowerShell module installed and configured to use the Remove-MgGroupMemberByRef cmdlet. You can install the module by running Install-Module -Name Microsoft.Graph in an elevated PowerShell console.
Remove Office 365 Group Member with Exchange Online PowerShell
We can delete a Microsoft 365 group member with Exchange Online PowerShell as well:
#Connect to Exchange OnlineConnect-ExchangeOnline -Credential (Get-Credential) -ShowBanner:$false #PowerShell to remove a Member from office 365 groupRemove-UnifiedGrouplinks -Identity "[email protected]" -LinkType "Members" -Links "[email protected]"
PnP PowerShell to Remove a Member from Office 365 Group
Use the Remove-PnPMicrosoft365GroupMember cmdlet to remove a member from the Microsoft 365 group.
#Config Variables$AdminSiteURL = "https://crescent-admin.sharepoint.com"$GroupEmail = "[email protected]"$MemberToRemove = "[email protected]"Try { #Connect to PnP Online Connect-PnPOnline -Url $AdminSiteURL -Interactive #Get the Office 365 Group from Email $Group = Get-PnPMicrosoft365Group | Where Mail -eq $GroupEmail #Check if group exists If($Group -ne $Null) { #Get Group Members $GroupMembers = Get-PnPMicrosoft365GroupMembers -Identity $Group | Select -ExpandProperty Email If($GroupMembers -contains $MemberToRemove) { #Remove Member from Office 365 group Remove-PnPMicrosoft365GroupMember -Identity $Group -Users $MemberToRemove Write-Host "Member removed from the Group Successfully!" -f Green } Else { Write-Host "Could not find Member in the Group!" -f Yellow } } Else { Write-host "Could not Find Group!" -f Yellow }}Catch { write-host -f Red "Error:" $_.Exception.Message}
If you want to remove all members from a Microsoft 365 group, use the cmdlet: Clear-PnPMicrosoft365GroupMember.
Similarly, you can remove the owner of the group using the Remove-PnPMicrosoft365GroupOwner cmdlet:
#Config Variables$AdminSiteURL = "https://salaudeen-admin.sharepoint.com"$GroupEmail = "[email protected]"$OwnersToRemove = "[email protected]"Try { #Connect to PnP Online Connect-PnPOnline -Url $AdminSiteURL -Interactive #Get the Office 365 Group from Email $Group = Get-PnPMicrosoft365Group | Where Mail -eq $GroupEmail #Check if group exists If($Group -ne $Null) { #Get Group Owners $GroupOwners = Get-PnPMicrosoft365GroupOwner -Identity $Group | Select -ExpandProperty Email If($GroupOwners -contains $OwnersToRemove) { #Remove Owner from Office 365 group Remove-PnPMicrosoft365GroupOwner -Identity $Group -Users $OwnersToRemove Write-Host "Owner removed from the Group Successfully!" -f Green } Else { Write-Host "Could not find Owner in the Group!" -f Yellow } } Else { Write-host "Could not Find Group!" -f Yellow }}Catch { write-host -f Red "Error:" $_.Exception.Message}
When a site is connected with a Microsoft 365 group, permissions can be managed at the group level. E.g., To remove a user from the site, You have to remove him from the group.
#Parameters$SiteURL = "https://crescent.sharepoint.com/sites/CorporateBranding"$UserId= "[email protected]" Try { #Connect to PnP Online Connect-PnPOnline -Url $SiteURL -Interactive #Get the Site $Site = Get-PnPSite -Includes GroupId #Remove user from the Site's associated Microsoft 365 Group Remove-PnPMicrosoft365GroupMember -Identity $Site.GroupId -Users $UserId Write-host "Removed User from the Associated Microsoft 365 Group!" -f Green }Catch { Write-host -f Red "Error:" $_.Exception.Message}
Similarly, to remove the user from the Group owners, use the following:
Remove-PnPMicrosoft365GroupOwner -Identity $Site.GroupId -Users $UserId
Wrapping up
In conclusion, removing a user from a Microsoft 365 group is a straightforward process that can be done using the Microsoft 365 admin center or using PowerShell. By removing users who are no longer a part of the organization or no longer need access to the group’s resources, administrators can ensure the security and privacy of the information contained in the group.
