Author: [email protected]
This powershell script syncs members of a specified MS Teams TEAM with a specified authoritative Active Directory Group.
NOTE: The Active Directory Group is considered the authoritative membership to base all changes off of, no changes to the AD Group will occur with this script.
(WithRemove) is an optional flag for removing members from a MS Teams TEAM (ie. leave out if you only want to ADD users)
(TestOnly or Update) is a flag that can be used to do a test run for a sync, to get a report of potential changes, and to create CSV lists of AD and MS Teams TEAM current members.
teams_ad_user_sync.ps1 (Team Group ID) (Active Directory Group that contain Members to add or remove from MS Teams TEAM) (WithRemove flag) (TestOnly or Update flag) teams_ad_user_sync.ps1 "1f6cded9-2277-49d6-8d5c-2ec7fc9d6639" "CSNRIMIT" "WithRemove" "TestOnly"https://github.com/microsoftgraph/msgraph-sdk-powershell/blob/dev/samples/4-UsersAndGroups.ps1
https://petri.com/microsoft-launches-preview-powershell-module-graph
http://www.thatlazyadmin.com/install-microsoft-teams-powershell-module/
https://docs.microsoft.com/en-us/powershell/module/addsadministration/get-adgroupmember?view=win10-ps
https://community.spiceworks.com/topic/444390-get-adgroupmembers-emails
https://docs.microsoft.com/en-us/powershell/module/teams/add-teamuser?view=teams-ps
Install powershell modules via powershell prompt (this took way too long, requires admin access):
Install-Module -Name MicrosoftTeams
Install-module Microsoft.GraphThis may be a one time step, to allow powershell via the device:
Connect-GraphConnect to MS Teams this is required on session startup -
Connect-MicrosoftTeamsFind the Team (I sniffed my web traffic to find the GroupID for the IIT All staff Team)
Get-TeamChannel -GroupId 1f6cded9-2277-49d6-8d5c-2ec7fc9d6639 Lists all the users in the Teams Channel:
Get-TeamUser -GroupId 1f6cded9-2277-49d6-8d5c-2ec7fc9d6639