Get-MgmtGraphUserMemberOf

MgmtGraph: Audits group memberships for a Microsoft Graph user

Script

#Requires -Version 5.1
#Requires -Modules Microsoft.Graph.Users

[CmdletBinding()]
Param (
    [Parameter(Mandatory = $true, Position = 0)]
    [string]$Identity,

    [switch]$Transitive
)

Process {
    try {
        $params = @{
            'UserId'      = $Identity
            'All'         = $true
            'ErrorAction' = 'Stop'
        }

        if ($Transitive) {
            $memberships = Get-MgUserTransitiveMemberOf @params
        }
        else {
            $memberships = Get-MgUserMemberOf @params
        }

        $results = foreach ($m in $memberships) {
            [PSCustomObject]@{
                DisplayName = $m.AdditionalProperties.displayName
                Type        = $m.AdditionalProperties.'@odata.type'.Replace('#microsoft.graph.', '')
                Mail        = $m.AdditionalProperties.mail
                Id          = $m.Id
                Timestamp   = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
            }
        }

        Write-Output ($results | Sort-Object DisplayName)
    }
    catch {
        throw
    }
}

Customize

Identity string

Specifies the UserPrincipalName or ID of the user to audit.

Transitive switch

Off

If set, retrieves transitive memberships including nested groups.