How to find empty Groups in Microsoft 365 and clean them up!
Regular audits and removal of orphaned Microsoft 365 groups are critical for security and compliance. Here's how you can identify and remove these unused groups:
Step 1: Identify Empty Groups:
You can use PowerShell to identify empty groups in Microsoft 365. Follow these steps:
Prerequisites
powershell
# Import the Exchange Online module
Import-Module ExchangeOnlineManagement
# Connect to Exchange Online
Connect-ExchangeOnline -UserPrincipalName <YourAdminAccount>
Run the Script to Find Empty Groups
Use the following PowerShell script to list empty groups:
powershell
# Get all Microsoft 365 Groups
$groups = Get-UnifiedGroup
# Check for empty groups
$emptyGroups = $groups | Where-Object { (Get-UnifiedGroupLinks -Identity $_.PrimarySmtpAddress -LinkType Members).Count -eq 0 }
# Output empty groups
$emptyGroups | Select-Object DisplayName, PrimarySmtpAddress
This script retrieves all Microsoft 365 groups and filters those without members. It then displays the group name and email address.
Step 2: Review Empty Groups
Before deleting, review the list of empty groups to ensure they are no longer needed. Some groups may be used for other purposes, such as permissions or future projects.
Recommended by LinkedIn
Step 3: Clean Up Empty Groups
Once you're confident that the groups are no longer needed, you can delete them using PowerShell:
powershell
# Delete empty groups
foreach ($group in $emptyGroups) { Remove-UnifiedGroup -Identity $group.PrimarySmtpAddress -Confirm:$false }
This script removes all the empty groups identified in the previous step.
Step 4: Automate the Cleanup Process (Optional)
To keep your environment clean, you can schedule this script to run periodically using a task scheduler or automation tool like Azure Runbooks.
Step 5: Use the Microsoft 365 Admin Center
Alternatively, if you prefer a GUI approach:
Best Practices
By following these steps, you can effectively manage and clean up empty groups in your Microsoft 365 environment!