Get the Group Membership of a Microsoft 365 User

Native Solution

Microsoft 365 Permission Required

High

Global Admin or Privileged Role Admin.

Option 1 Using Microsoft Entra Admin Center

Sign-in to the Microsoft Entra admin center.
Go to 'All Users' tab under Identity»Users.
Select a user and then click on Groups under Manage.
Now you can see all the groups that the selected user is a member of.

Option 2 Using PowerShell Cmdlets

You can use PowerShell to get the group membership of Office 365 users. Install and connect the Azure Active Directory module. Then, run the following cmdlets to retrieve the list of Microsoft 365 groups a user is a member of.

Windows PowerShell

 Connect-AzureAD
Get-AzureADUserMembership ‐ObjectId <User Object Id>

Steps Using PowerShell Script

To retrieve and export Azure AD users' group membership report in a detailed format without any difficulties, you can simply download and execute the below PowerShell script.

UserMembershipReport.ps1

AdminDroid Solution

This report and 150+ more reports are under free editionFREE

AdminDroid Permission Required

Delegated

Any user with report access delegated by the Super Admin.

StepsUsing AdminDroid

Open AdminDroid Office 365 Reporter.
Navigate to Reports»Azure AD»User Reports»Group Membership.

Get the users' group membership report for all your Azure AD users along with information like group ID, group type, user mail, license status, sign-in status, etc.

Additionally, the report includes user-friendly features such as a bird's eye view, geo-map visualization, and charts. These elements simplify the analysis and identification of user's Microsoft 365 groups and their geographical locations.

Explore a full range of reporting options

Simple yet the best! Isn't it?

Master Microsoft 365 group memberships like a pro - Take control, secure access, and simplify Office 365 group management with AdminDroid.

Witness the report in action using the

Live Demo

Important Tips

Implement Microsoft 365 group expiration policy to efficiently manage users who belong to multiple groups. Set expiration dates for certain groups to automatically remove users' group memberships when they expire.

By utilizing group-based access, you can assign or revoke multiple licenses simply by adding or removing users from the group.

Azure AD nested groups allow creating parent groups with subgroups. Users added to parent groups gain automatic access to subgroups, simplifying user management in large organizations.

Azure ADFind All Office 365 Group Membership of a User for Effective User Management in Microsoft 365

Showing 1 of 5

Why do Azure AD users need group memberships? How to get Azure AD users with inherited Office 365 licenses? What roles are assigned to an Azure AD group? How to monitor group members in Microsoft 365 groups? How to manage group members in Azure AD?

Why do Azure AD users need group memberships?

Simplify access, boost productivity, and optimize resources! Azure AD user group memberships can satisfy all these at once! Some of the best reasons why users need group memberships are:

Streamlined Access Management User group memberships in Azure AD simplify access management by granting permission to specific file shares or SharePoint sites to a group, optimizing access permissions for these resources.
Enhanced Productivity Microsoft 365 organization can add users to groups to increase their efficiency by simplifying user management. Admins can assign roles and permissions to entire groups or departments with a few clicks.
Efficient Resource Allocation Utilizing Office 365 groups and its memberships allows seamless resource allocation. Assigning a specific license package to an entire group at once will ensure all members have same access to the required applications and services.
Impactful User Experience Azure AD users can experience improved collaboration, teamwork, and a more secure environment with Microsoft 365 group memberships.

Therefore, users with group memberships significantly enhance organizational efficiency! Conversely, users who are not a member of any groups may not contribute to the efficiency of the organization.

To avoid this, you need to monitor the users who are not in any groups and add them to their respective groups. This helps to utilize the benefits of Microsoft 365 group membership, resulting in increased collaboration.

Using AdminDroid, you can easily monitor the users not in any groups and take necessary actions to increase productivity and collaboration in your Microsoft 365 organization.

How to get Azure AD users with inherited Office 365 licenses?

To ensure proper resource allocation through M365 groups, we need to know the users with inherited licenses.

To get Azure AD users with inherited licenses, you can follow the below steps:

Login into the Microsoft Entra admin center.
Navigate to Billing»Licenses»All Products and click on Product.
Under the Assignment path, you can view the assigned path of license to the users.

You can view a list of license-assigned groups for that particular product under the Licensed Group tab.

Do you want to review how your Microsoft 365 licenses are assigned?

Using AdminDroid, effortlessly track the group-based license activities and users with inherited licenses in a single report.

To accomplish this, simply refer to AdminDroid Licensed users report with the filter set to Is License Assigned via Group – equal – Inherited.

To incorporate the necessary column into the report, you can follow the instructions provided in the AdminDroid Interactive Guide. Following these guidelines will assist you in seamlessly integrating the desired column and optimizing the overall report viewing experience.

What roles are assigned to an Azure AD group?

Azure AD group-based role assignments ensure that all members within a group inherit the assigned role. Consequently, Microsoft 365 admins should actively monitor these assignments to verify whether they have granted permissions to appropriate users.

By following the below steps, you can check the role assigned to the groups.

Login into Azure Active Directory Portal.
Navigate to Groups»Select any specific group»Click on Assigned Roles.

It shows all the assigned roles of the Microsoft 365 groups and access rights. Therefore, the members of those groups are also assigned or inherited with those roles. You can check the Members tab on the same page to verify all members of a group, roles and their access levels.

When checking the members list, it includes external user group memberships if any external user is part of the group.

Stay in control, monitor Azure AD role assignments, and manage authorization wisely.

Using AdminDroid, you can easily export the list of group-based role assignments for the Microsoft 365 groups. To achieve that, you can refer User Added as Admin report with the ‘Role Added to – contains - Group’ filter.

Tip: Once you've set your filters, save them as a customized view! No need to re-apply filters every time. Also, effortlessly export Office 365 group members report to CSV whenever you need it.

How to monitor group members in Microsoft 365 groups?

Adding users in Office 365 groups is crucial for effective collaboration, streamlined management, and improved communication. To retrieve the list of Azure AD groups a user is member of, you can use the following approaches:

Azure Active Directory To get the user group membership list in Azure AD, navigate to Azure AD»Users»Select a user»Click on Groups under Manage.
Microsoft 365 Admin Center To check Azure AD user group membership list in the Microsoft 365 admin center, navigate to Users»Active users»select a user»Click on Manage groups in the user details pane.
PowerShell Cmdlets Run the PS script provided and get all Microsoft 365 group members using PowerShell.

However, Microsoft 365 admins must manually search for users' groups in Azure Active Directory or run complex PowerShell cmdlets to get Azure AD user group memberships.

With AdminDroid, you can easily monitor all groups and their members in Office 365 using the Group Member Changes’ report. It will be very helpful for admins when monitoring a more number of groups and users who belong to multiple M365 groups.

Are you wondering how to audit Azure Active Directory group membership changes?

Utilize AdminDroid’s chart feature and select by Added/Removed user to visualize the count of membership changes. You can use the time filter at your convenience to filter the group membership changes and their count over the specified time range.

How to manage group members in Azure AD?

In order to manage Microsoft 365 users' group memberships, it is necessary to assign them to the appropriate Azure AD groups and ensure that access controls are in place. To prevent unnecessary group access, admins must regularly monitor the users' group membership in Azure Active Directory and take action to remove users from any group if they are not required in a group.

How to add a user to an Azure AD group?

Navigate to Groups»All Groups»Select Group.
Click on Add members under Members.
Enter username in search and then click on users.
Click on Select and add member to a Microsoft 365 group.

How to remove a user from an Azure AD group?

Navigate to Groups»All Groups»Select Group.
Select the check box of the respective Azure AD user.
Click on Remove and then click on Yes. to remove the user from the Microsoft 365 group.

AdminDroid Azure AD ReporterElevate Azure AD user group membership management to new heights!

Say goodbye to tedious scripts and uncover group memberships in a snap! AdminDroid Azure AD reporting and auditing tool provides an intuitive interface that allows you to quickly access and explore a Microsoft 365 user's group membership report, saving valuable time and effort.

Out-of-the-box capabilities that AdminDroid offers you to manage Azure AD user's group membership are listed below

The All Users Group Membership report offers comprehensive details regarding the Microsoft 365 group membership of users, which includes the group ID, group type, user email, license status, signin status, and more. The report serves as a valuable resource for administrators to manage Office 365 user groups effectively.

A Quick Summary

Comprehensive List of Azure AD Reports

Effortlessly locate all users and their group membership in your Microsoft 365 environment. Conveniently verify who has access to different resources in a single interface.

Dedicated Dashboard with M365 Insights

Gain a rapid overview of all group report data directly from Azure AD dashboard and utilize deeper insights into your Microsoft 365 environment.

Automated Report Generation and Scheduling

AdminDroid’s scheduling functionality will automatically forward the user membership changes to the manager’s mailbox periodically. Thus ensuring proper membership management.

Various Export Formats and Customization

Export reports in multiple formats with advanced filtering, column merging, and sorting features. Customize your reports to admins' preferences, providing accurate insights for streamlined sharing.

Advanced Alerting for Group Management

AdminDroid provides real-time alerts for group owners' changes that helps Microsoft 365 admins to stay informed about ownership changes and ensures the right users are in charge of group management.

Up-to-date Group Memberships

AdminDroid's hassle-free auto-syncing ensures that you have real-time details on user group memberships. This feature helps you stay updated with recent Microsoft 365 group memberships.

Overall, AdminDroid provides powerful features that empower you to efficiently manage and track Azure AD user group membership list for Microsoft 365 administration. You can also monitor users not in any group, recently created, deleted, enabled and disabled users report, ensuring control over the users in your Office 365 environment.

Kickstart Your Journey with AdminDroid

Your Microsoft 365 Companion with Enormous Reporting Capabilities!

Download

Common Errors and Resolution Steps for User Group Membership

The following are possible errors and troubleshooting hints while dealing with users’ group membership management.

Error: Insufficient privileges to add the selected memberships.

This error will appear if the user or admin did not have sufficient privilege to do the action.

Troubleshooting hint :Ask your global admin to provide you with the necessary Microsoft 365 group permissions. If you are the global admin and still cannot add members, then the group is likely a dynamic Office 365 group, which manages membership based on predefined conditions.

Error: Inherited license assignments cannot be removed from the user directly. To remove the license, you must remove them from their group

This error occurs when you try to directly remove the license of a user when the license assignment is inherited via a group.

Troubleshooting hint :Check whether the license assignment is direct or inherited. If it is inherited, remove the member from their group to remove that specific license.

Error: You must call the Connect-AzureAD cmdlet before calling any other cmdlets.

When you try to get Azure AD user membership through command lines before connecting the Azure AD module, this error will occur.

Troubleshooting hint :To overcome this error, install and connect your Azure AD PowerShell module before using this cmdlet.

Install-Module AzureAD
Connect-AzureAD

Error: You don't have access to this. Your sign-in was successful but you don't have permission to access this resource.

In general, this error occurs when a restriction is imposed by a conditional access policy on your Microsoft 365 account.

Troubleshooting hint :Indicate the issue to the admin and ask to exclude you from the conditional access policy to get the Microsoft 365 group membership of a user.

Delivering Reports on Time

Want a desired Microsoft 365 reports every Monday morning? Ensure automated report distribution and timely delivery with AdminDroid’s Scheduling to your email anytime you need.

Schedule tailored reports to execute automatically at the time you set and deliver straight to the emails you choose. In addition, you can customize report columns and add intelligent filtering to the activities just from the previous day to suit your Microsoft 365 report requirements.

Set It, Schedule It, See Results - Your Reports, Your Way, On Your Time!

Time Saving Automation Customization Intelligent Filtering

Give Just the Right Access to the Right People

Grant fine-tuned access to any Microsoft 365 user with AdminDroid’s Granular Delegation and meet your organization’s security and compliance requirements.

Create custom roles loaded with just the right permissions and give access to admins or normal users within AdminDroid. The result? A streamlined Microsoft 365 management experience that aligns your organization's security protocols and saves your invaluable time and effort.

Give Just the Right Access to the Right People

Align, Define, Simplify: AdminDroid's Granular Delegation

Smart Organizational Control Effortless M365 Management Simplified Access

Advanced Alerts at a Glance

Receive quick notifications for malicious Microsoft 365 activities. Engage with the AdminDroid’s real-time alert policies crafted to streamline your security investigations.

Stay informed of critical activities like suspicious emails and high-risk logins, bulk file sharing, etc. Through creating and validating ideal alert policies, AdminDroid provides a comprehensive approach to real-time monitoring and management of potential threats within your organization.

AdminDroid Keeps You Always Vigilant, Never Vulnerable!

Proactive Protection Real-time Monitoring Security Intelligence Threat Detection

Merge the Required Data to One Place

Combine multiple required columns into one comprehensive report and prioritize the information that matters most to you with AdminDroid’s Advanced Column Customization.

This column merging capability offers a flexible way to add different columns from various reports and collate all the essential data in one place. Want to revisit the customized report? Save it as a 'View’, and your unique report is ready whenever you need it.

Merge with Ease and Save as Views!

Custom Reporting Unique View Desired Columns Easy Data Interpretation

Insightful Charts and Exclusive Dashboards

Get a quick and easy overview of your tenant's activity, identify potential problems, and take action to protect your data with AdminDroid’s Charts and Dashboards.

With AdminDroid charts and dashboards, visualize your Microsoft 365 tenant in ways you've never thought possible. It's not just about viewing; it's about understanding, controlling, and transforming your Microsoft 365 environment.

Insightful Charts and Exclusive Dashboards

Explore Your Microsoft 365 Tenant in a Whole New Way!

Executive overviews Interactive insights Decision-making Data Visualization

Efficient Report Exporting for Microsoft 365

Downloading your reports in the right file format shouldn’t be a hassle with AdminDroid’s Report Export. Experience seamless report exporting in various formats that cater to your needs.

Navigate through diverse options and export Microsoft 365 reports flawlessly in your desired file format. Tailor your reports precisely as you need them and save them directly to your computer.

Efficient Report Exporting for Microsoft 365

Take Control, Customize and Deliver- Your Office 365 Data, Exported in Your Way!

Easy Export Seamless Downloading Data Control Manage Microsoft 365

How to Get User Group Membership Report in Azure Active Directory