DEV Community

Martin
Martin

Posted on

Create Azure AD groups in bulk using PowerShell with a CSV input.

I recently had to replicate an Azure AD group structure from one tenant to another and wrote a super simple script to speed things up.

Set up PowerShell

Firstly you will need to install the Azure AD PowerShell module which allows you to intreact with AAD.

Install-Module AzureADPreview
Enter fullscreen mode Exit fullscreen mode

Authenticate to your Azure Active Directory tenant by running

Connect-AzureAD -TenantId "<insert tenant id here>"
Enter fullscreen mode Exit fullscreen mode

Retrieve AD Groups

I used a simple command to export the AD groups from the tenant I want to copy from to a csv file

Get-AzureADMSGroup | select DisplayName | Export-Csv c:\development\azureadusers.csv -NoTypeInformation
Enter fullscreen mode Exit fullscreen mode

You can modify the export path as needed.

Create the AD Groups

Now that you have the AD groups exported you can run the script. Make sure you re-authenticate to the new Tenant where you want o set up the groups. Here is an example of what my CV looks like:

Image description

Note that I am only filtering the Display Names of the AD groups without the descriptions and owners. I haven't had a chance to script this up but it's fairly straight forward to do.

Run the script to set up the groups:

$Groups = Import-Csv -Path "C:\development\azureadusers.csv"

foreach($Group in $Groups)

{
New-AzureAdGroup -DisplayName $Group.DisplayName -MailEnabled $False -SecurityEnabled $True -MailNickName "NotSet"
}
Enter fullscreen mode Exit fullscreen mode

The AD groups are now created!

Image description

There are some limitations with the Azure AD module. It doesn't support all parameters so for example you can't enable groups to be assignable to roles. You can achieve the same by using the Az.Resources module

You can also expand the script to add descriptions to the AD groups and replicate/assign owners.

Hope this helps.

Latest comments (0)