SweetAsNZ · November 19, 2025 21:11
diff --git a/Add-MS365GroupOwners.ps1 b/Add-MS365GroupOwners.ps1
 function Add-MS365GroupOwners{
    
    # Add Owners to Microsoft 365 Groups Without An Owner

    #Install-Module ExchangeOnlineManagement
    Import-Module ExchangeOnlineManagement
    
    # Check For Basic Auth So You Get The Full Command Set From EXO 
    $String1 = "Basic = true"
    $Basic = winrm get winrm/config/client/auth | Select-String $String1

    if($Basic -ne $String1){
    
        Write-Output "winrm get winrm/config/client/auth needs to allow Basic Auth for more cmdlets to function per https://docs.microsoft.com/en-us/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps#prerequisites-for-the-exo-v2-module"
        Write-Output 'To resolve (beware of basic auth): winrm set winrm/config/client/auth @{Basic="true"}'
    }

    "`r`n"
    [Net.ServicePointManager]::SecurityProtocol
    
    <#[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
    #Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Type DWord -Value '1' # Set strong crypto
    
    # Set Default Repo
    #Register-PSRepository -Default
    #>

    $User = $($env:Username)
    $UPN  = (Get-ADUser -Filter {SAMAccountName -eq $User} -Properties UserPrincipalName).UserPrincipalName # Get's the person running the scripts info from AD
     

    Connect-ExchangeOnline -UserPrincipalName $UPN -ShowBanner:$false -ShowProgress:$true

    # This returns Microsoft 365 Groups that do not have an owner.
    $NoOwn = Get-UnifiedGroup | Where-Object {-Not $_.ManagedBy} | Sort DisplayName

    foreach ($UnmanagedGroup in $NoOwn)
    {
        Write-Host "Working on this group: $($UnmanagedGroup.DisplayName)" -ForegroundColor Green

        $Members = ($UnmanagedGroup | Select * -First 1 | Get-UnifiedGroupLinks -LinkType Members).Name ; $Members
    
        if($Members -ne $null){

            Write-Host "`$($Members) are not `$null. Yay." -ForegroundColor Green

            $NewOwners = foreach ($item in $Members)
            {
                (Get-ADUser -Filter 'Name -eq $item' -Properties Name,Title,Enabled,UserPrincipalName | 
                Where {($_.Enabled -eq $true) -and ($_.Title -like "*Manager*") -or ($_.Title -like "*Director*") -or ($_.Title -like "*Lead*") -or ($_.Title -like "*President*")} | Select -First 3).UserPrincipalName
            }
            $NewOwners 

            foreach ($Manager in $NewOwners)
            {
               Get-UnifiedGroup -Identity $UnmanagedGroup.DisplayName | Add-UnifiedGroupLinks -LinkType Owners -Links $Manager # -Whatif
            }
    
            Write-Output "Check New Owners"
            Get-UnifiedGroup -Identity $UnmanagedGroup.DisplayName | Get-UnifiedGroupLinks -LinkType Owners

        }#END IF

         # Attempt to warn about no members
        if($Members -eq $null){
                
                Write-Warning "WARNING: Group `$Members are `$null. Boo! Trying the other way around" 

        }#END IF

    }#END FOREACH

    $StillNoOwner = Get-UnifiedGroup | Where-Object {-Not $_.ManagedBy} | Sort DisplayName
    Write-Host "Still No Owner Here: `r`n"
    $StillNoOwner
 }
	function Add-MS365GroupOwners{

	# Add Owners to Microsoft 365 Groups Without An Owner

	#Install-Module ExchangeOnlineManagement
	Import-Module ExchangeOnlineManagement

	# Check For Basic Auth So You Get The Full Command Set From EXO
	$String1 = "Basic = true"
	$Basic = winrm get winrm/config/client/auth \| Select-String $String1

	if($Basic -ne $String1){

	Write-Output "winrm get winrm/config/client/auth needs to allow Basic Auth for more cmdlets to function per https://docs.microsoft.com/en-us/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps#prerequisites-for-the-exo-v2-module"
	Write-Output 'To resolve (beware of basic auth): winrm set winrm/config/client/auth @{Basic="true"}'
	}

	"`r`n"
	[Net.ServicePointManager]::SecurityProtocol

	<#[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
	#Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Type DWord -Value '1' # Set strong crypto

	# Set Default Repo
	#Register-PSRepository -Default
	#>

	$User = $($env:Username)
	$UPN = (Get-ADUser -Filter {SAMAccountName -eq $User} -Properties UserPrincipalName).UserPrincipalName # Get's the person running the scripts info from AD


	Connect-ExchangeOnline -UserPrincipalName $UPN -ShowBanner:$false -ShowProgress:$true

	# This returns Microsoft 365 Groups that do not have an owner.
	$NoOwn = Get-UnifiedGroup \| Where-Object {-Not $_.ManagedBy} \| Sort DisplayName

	foreach ($UnmanagedGroup in $NoOwn)
	{
	Write-Host "Working on this group: $($UnmanagedGroup.DisplayName)" -ForegroundColor Green

	$Members = ($UnmanagedGroup \| Select * -First 1 \| Get-UnifiedGroupLinks -LinkType Members).Name ; $Members

	if($Members -ne $null){

	Write-Host "`$($Members) are not `$null. Yay." -ForegroundColor Green

	$NewOwners = foreach ($item in $Members)
	{
	(Get-ADUser -Filter 'Name -eq $item' -Properties Name,Title,Enabled,UserPrincipalName \|
	Where {($_.Enabled -eq $true) -and ($_.Title -like "Manager") -or ($_.Title -like "Director") -or ($_.Title -like "Lead") -or ($_.Title -like "President")} \| Select -First 3).UserPrincipalName
	}
	$NewOwners

	foreach ($Manager in $NewOwners)
	{
	Get-UnifiedGroup -Identity $UnmanagedGroup.DisplayName \| Add-UnifiedGroupLinks -LinkType Owners -Links $Manager # -Whatif
	}

	Write-Output "Check New Owners"
	Get-UnifiedGroup -Identity $UnmanagedGroup.DisplayName \| Get-UnifiedGroupLinks -LinkType Owners

	}#END IF

	# Attempt to warn about no members
	if($Members -eq $null){

	Write-Warning "WARNING: Group `$Members are `$null. Boo! Trying the other way around"

	}#END IF

	}#END FOREACH

	$StillNoOwner = Get-UnifiedGroup \| Where-Object {-Not $_.ManagedBy} \| Sort DisplayName
	Write-Host "Still No Owner Here: `r`n"
	$StillNoOwner
	}
No results found