Get all Teams a User is Part of using PowerShell PnP
As you may be aware already (hopefully!), we have Microsoft Teams cmdlets surfacing in the SharePoint PowerShell PnP module since July 2020.
Today, we’ll work again with those cmdlets. As a matter of fact, we’ll use 2 modules for this blog post.
So make sure you’ve got both installed to be able to run the script. OK, let’s dive in! 😁
ℹ The full script + function will be at the end of the post.
Connect to the modules
First things first, let’s connect to both modules.
If you have your credentials in the Credential Manager, you’re in luck. Me too! Therefore, we have only 2 lines of code to connect. Otherwise, use the usual $creds = Get-Credential
as you would normally do.
#Connect to Teams and Azure AD Connect-PnPOnline -Scopes "Group.Read.All" -Credentials "<YOUR-CREDS-NAME>" Connect-AzureAD -Credential (Get-PnPStoredCredential -Name "<YOUR-CREDS-NAME>" -Type PSCredential) | Out-Null
Note that I’m using the Get-PnPStoredCredential from the PnP module. This is a great cmdlet to remember because any other module supporting the PSCredential type can benefit from it (like the Azure AD one!)
Also, if you’re new to using the Teams cmdlets with the PnP module, the connection is different and explained on Erwin Van Hunen’s post.
Set the Variables
Before setting up the variables, let me explain quickly the process we need to go through.
- Loop though each Team
- Find the designated user
- Export the results
That’s high level. But the most important part is “Find the designated user“. And by that I mean that we, as humans, we remember an email address, or a name. Here we need to work with ID’s 😟 Ouch!
So we need to match the UserPrincipalName (i.e.: user1@domain.com) to the UserID (i.e.: 12345-abc-6789-def)
Sounds fun right?! So what we’re going to do is, match the UPN we know with the UserID in Azure AD. That’s why we use this module. Let’s do this.
#Log file to export results $logFile = "<YOUR-FILEPATH.csv>" #Store all the Teams $allTeams = Get-PnPTeamsTeam $results = @() $userToFind = "user1@<DOMAIN>.com" $userToFindInAD = Get-AzureADUser | Where-Object ({ $_.UserPrincipalName -match $userToFind }) $userToFindID = $userToFindInAD.ObjectId
When scripts are getting confusing, I’d highly encourage you to have meaningful names for your variables!
Looping and conditioning
Now let’s get what we’re here for.
#Loop through the TEAMS foreach ($team in $allTeams) { $allTeamsUsers = (Get-PnPTeamsUser -Team $team.DisplayName) #Loop through users TARGETING THE USER ID TO MATCH foreach ($teamUser in $allTeamsUsers) { if ($teamUser.Id -match $userToFindID) { $results += [pscustomobject][ordered]@{ userName = $userToFindInAD.UserPrincipalName userDisplayName = $userToFindInAD.DisplayName userRole = $teamUser.UserType Team = $team.DisplayName teamVisibility = $team.Visibility } } } } $results | Export-Csv -Path $logFile -NoTypeInformation
Note the condition (IF statement) where we match the UPN with the UserID? That was the important part 😉
Results
Here are the results exported in the csv file (with a demo user):
And YES, I’ve included the user role in the Team! 😎
Hope you find this post useful, and see the full script or function below.
#Connect to Teams & Azure AD Connect-PnPOnline -Scopes "Group.Read.All" -Credentials "<YOUR-CREDS-NAME>" Connect-AzureAD -Credential (Get-PnPStoredCredential -Name "<YOUR-CREDS-NAME>" -Type PSCredential) | Out-Null #Log file to export results $logFile = "C:\users\$env:USERNAME\desktop\AllTeamsUserIn.csv" #Store all the Teams $allTeams = Get-PnPTeamsTeam $results = @() $userToFind = "user123@domain.com" $userToFindInAD = Get-AzureADUser | Where-Object ({ $_.UserPrincipalName -match $userToFind }) $userToFindID = $userToFindInAD.ObjectId #Loop through the TEAMS foreach ($team in $allTeams) { $allTeamsUsers = (Get-PnPTeamsUser -Team $team.DisplayName) #Loop through users TARGETING THE USER ID TO MATCH foreach ($teamUser in $allTeamsUsers) { if ($teamUser.Id -match $userToFindID) { $results += [pscustomobject]@{ userName = $userToFindInAD.UserPrincipalName userDisplayName = $userToFindInAD.DisplayName userRole = $teamUser.UserType Team = $team.DisplayName teamVisibility = $team.Visibility } } } } $results | Export-Csv -Path $logFile -NoTypeInformation
function Get-AllTeamsUserMembership { [CmdletBinding()] param ( [Parameter(Mandatory = $true, HelpMessage = "User Principal Name")] [string]$UserUPN ) #Connect to Teams & Azure AD ---> INSERT YOUR OWN CREDS Connect-PnPOnline -Scopes "Group.Read.All" -Credentials "<YOUR-CREDS-NAME>" Connect-AzureAD -Credential (Get-PnPStoredCredential -Name "<YOUR-CREDS-NAME>" -Type PSCredential) | Out-Null #Store all the Teams $allTeams = Get-PnPTeamsTeam $results = @() $userToFind = $UserUPN $userToFindInAD = Get-AzureADUser | Where-Object ({ $_.UserPrincipalName -match $userToFind }) $userToFindID = $userToFindInAD.ObjectId #Loop through the TEAMS foreach ($team in $allTeams) { $allTeamsUsers = (Get-PnPTeamsUser -Team $team.DisplayName) #Loop through users TARGETING THE USER ID TO MATCH foreach ($teamUser in $allTeamsUsers) { if ($teamUser.Id -match $userToFindID) { Write-Host "Found a match: " $teamUser.Id $results += [pscustomobject][ordered]@{ userName = $userToFindInAD.UserPrincipalName userDisplayName = $userToFindInAD.DisplayName userRole = $teamUser.UserType Team = $team.DisplayName teamVisibility = $team.Visibility } } } } } #$results Get-AllTeamsUserMembership -UserUPN "user123@myDomain.com" | Export-Csv -Path "C:\users\$env:USERNAME\Desktop\UserMembershipInTeams.csv" -NoTypeInformation
Thank you for reading!