In one of my previous posts I showed how to create new Azure AD group and add owners via MS Graph client library: Create Azure AD group and set group owner using Microsoft Graph Client library. In this post I will also show how to set owners for existing groups, which will also include deleting of previous owners. The same approach may be used for adding and deleting group members (instead of Owners use Members property of Group class). In order to synchronize Azure AD group owners use the following method:
In this method we use helper function GetAzureGroupOwners:
and AzureAuthenticationProvider from previous post Work with Azure AD via Microsoft Graph API.
Method SetAzureGroupOwners() receives reference to the Azure AD group and list of users which should be set as owners. Please note that we are talking here about replacing existing owners on new ones, i.e. we need not only to add new owners but also delete those existing owners which don’t exist in this list. So at first we add new owners (lines 10-24) and then remove missing existing owners (lines 26-40). At the end group will only have those owners which are passed in the list to the function.