Add-EntraGroupMember
Add a member to a security or Microsoft 365 group.
Syntax
Default (Default)
Add-EntraGroupMember
-GroupId <String>
-MemberId <String>
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Add-EntraGroupMember cmdlet adds a member to a security or Microsoft 365 group.
New-EntraGroupMember and Add-EntraGroupMembership are aliases of Add-EntraGroupMember.
In delegated scenarios, the signed-in user needs a supported Microsoft Entra role or a custom role with the microsoft.directory/groups/members/update permission. The minimum roles required for this operation, excluding role-assignable groups, are:
- Group owners
- Directory Writers
- Groups Administrator
- User Administrator
Examples
Example 1: Add a member to a group
Connect-Entra -Scopes 'GroupMember.ReadWrite.All'
$group = Get-EntraGroup -Filter "DisplayName eq 'Contoso Marketing Group'"
$user = Get-EntraUser -UserId 'SawyerM@contoso.com'
Add-EntraGroupMember -GroupId $group.Id -MemberId $user.Id
This example demonstrates how to add a member to a group.
-GroupId- Specifies the unique identifier (Object ID) of the group to which you want to add a member.-MemberId- Specifies the unique identifier (Object ID) of the member to be added to the group. You can add users, security groups, Microsoft 365 groups, devices, service principals, and organizational contacts to security groups. Only users can be added to Microsoft 365 groups.
Example 2: Add members based on search results to a group
Connect-Entra -Scopes 'GroupMember.ReadWrite.All'
$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'"
Get-EntraUser -Filter "startsWith(displayName,'Updated User')" |
Add-EntraGroupMember -GroupId $group.Id
This example demonstrates how to add members based on a search result to a group.
-GroupId- Specifies the unique identifier (Object ID) of the group to which you want to add a member.
Example 3: Sync users from one group to another
Connect-Entra -Scopes 'GroupMember.ReadWrite.All'
$group = Get-EntraGroup -Filter "DisplayName eq 'Sales and Marketing'"
Get-EntraGroupMember -GroupId "source-group-id" |
Add-EntraGroupMember -GroupId $group.Id
This example demonstrates how to sync group members from source target group to a new group.
-GroupId- Specifies the unique identifier (Object ID) of the group to which you want to add a member.
Parameters
-GroupId
Specifies the ID of a group in Microsoft Entra ID.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | ObjectId |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-MemberId
Specifies the unique identifier (Object ID) of the member to be added to the group. You can add users, security groups, Microsoft 365 groups, devices, service principals, and organizational contacts to security groups. Only users can be added to Microsoft 365 groups.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | RefObjectId |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.