Documentation Index
Fetch the complete documentation index at: https://ps365.clidsys.com/llms.txt
Use this file to discover all available pages before exploring further.
SYNOPSIS
Retrieves dynamic groups from Microsoft 365, Exchange Online, and Entra ID with attribute analysis.SYNTAX
DESCRIPTION
The Get-DynamicGroup function retrieves all dynamic groups from Microsoft 365 environments, including Exchange Online Dynamic Distribution Groups and Entra ID Dynamic Security/M365 Groups. It analyzes membership rules to extract attributes and provides security warnings for attributes in the “Personal-Information” property set that users can modify themselves. By default, only the member count is returned (MembersCount). Use -IncludeMembers to also get the concatenated lists of member names and IDs, or -MemberReport to get one row per (group, member).EXAMPLES
EXAMPLE 1
EXAMPLE 2
EXAMPLE 3
EXAMPLE 4
EXAMPLE 5
EXAMPLE 6
PARAMETERS
-GroupId
When specified, retrieves dynamic groups by their unique GroupId. If not specified, retrieves all dynamic groups (both Exchange Online and Entra ID).-ExchangeOnlineOnly
When specified, retrieves only Exchange Online Dynamic Distribution Groups. Requires an active Exchange Online session (use Connect-ExchangeOnline).-EntraIDOnly
When specified, retrieves only Entra ID Dynamic Groups (Security and M365 groups). Requires an active Microsoft Graph connection (use Connect-MgGraph).-ExportToExcel
When specified, exports the result to an Excel file in the user’s profile directory instead of returning it. When combined with -MemberReport, the member rows are written to a second worksheet named “Members” in the same workbook.-IncludeMembers
When specified, populates the MembersName (pipe-separated display names) and MembersId (pipe-separated object IDs) properties in addition to MembersCount. By default, only MembersCount is populated to avoid slow enumeration on large groups. Ignored when -MemberReport is used.-MemberReport
When specified, the function returns one row per (group, member) pair instead of the per-group aggregated objects. Useful to export a flat list of members with their parent group. Output columns: GroupId, GroupName, GroupType, MembershipRule, MemberId, MemberDisplayName, MemberPrincipal, MemberType.CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.INPUTS
OUTPUTS
System.Collections.Generic.List[Object]
NOTES
OUTPUT PROPERTIES (default / -IncludeMembers mode) Returns a collection of custom objects with the following properties:- GroupId: Unique identifier of the group
- Name: Display name of the group
- Type: Type of dynamic group (Exchange Dynamic Distribution Group, M365 Dynamic Group, Entra ID Dynamic Security Group)
- MembershipRule: The membership rule or LDAP filter used for dynamic membership
- MembershipRuleProcessingState: Processing state of the membership rule (Entra ID only)
- UserAttributes: Pipe-separated list of user attributes referenced in the membership rule
- GroupAttributes: Pipe-separated list of group attributes referenced in the membership rule (Entra ID only)
- DeviceAttributes: Pipe-separated list of device attributes referenced in the membership rule (Entra ID only)
- MemberOf: Pipe-separated list of parent groups
- MembersCount: Number of current members of the group
- MembersName: Pipe-separated list of member display names (only with -IncludeMembers)
- MembersId: Pipe-separated list of member IDs (only with -IncludeMembers)
- DisplayName, Description, Mail, MailEnabled, MailNickname, SecurityEnabled, GroupTypes, CreatedDateTime, RenewedDateTime, OnPremisesSyncEnabled, SecurityIdentifier, Classification, Visibility
- Warning: Security warning if any attribute is in the “Personal-Information” property set
- GroupId, GroupName, GroupType, MembershipRule
- MemberId, MemberDisplayName, MemberPrincipal, MemberType