List external users across all sites and in what site groups they are
Summary
This script shows how you can check if external users are added to site groups. It will show all external users across all site collections and the site groups they where added to.
$m365Status = m365 status --output text
if ($m365Status -eq "Logged Out") {
m365 login
}
Write-Host "Retrieving all sites and check external users..." -ForegroundColor Green
$sites = m365 spo site classic list -o json | ConvertFrom-Json
$siteCount = $sites.Count
$siteCounter = 0
$results = [System.Collections.ArrayList]::new()
$spoAccessToken = m365 util accesstoken get --resource sharepoint --new | ConvertFrom-Json
Write-Host "Processing $siteCount sites..."
foreach ($site in $sites) {
$siteCounter++
Write-Host "$siteCounter/$siteCount - Get external users in site groups for $($site.Url)..." -ForegroundColor Green
$response = Invoke-WebRequest -Uri "$($site.Url)/_api/web/siteusers?`$filter=IsShareByEmailGuestUser eq true&`$expand=Groups&`$select=Title,LoginName,Email,Groups/LoginName" -Method Get -Headers @{ Authorization = "Bearer $spoAccessToken"; Accept = "application/json;odata=nometadata" }
$users = $response.Content | ConvertFrom-Json
foreach($user in $users.value) {
foreach($group in $user.Groups) {
$obj = [PSCustomObject][ordered]@{
Title = $user.Title;
Email = $user.Email;
LoginName = $user.LoginName;
Group = $group.LoginName;
}
$results.Add($obj) | Out-Null
}
}
}
Write-Host "Exporting list..." -ForegroundColor Green
$results | Export-Csv -Path "./cli-external-users-in-sitegroups.csv" -NoTypeInformation
Check out the CLI for Microsoft 365 to learn more at: https://aka.ms/cli-m365
Important changes coming to the way you login into CLI for Microsoft 365 (effective 9th September 2024) see Changes in PnP Management Shell registration in Microsoft 365
Contributors
| Author(s) |
|---|
| Martin Lingstuyl |
| Bart-Jan Dekker |
Disclaimer
THESE SAMPLES ARE PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.