I am new to Azure dynamic groups and I've been asked if we can create O365 dynamic groups in Exchange Online, based upon "Managers direct reportee" criteria. The script should prompt for manager's employee ID and then use it to fetch their direct reportees. Is this even possible?
I have created a script below but it is unable to run user.directreportfor >
[String]$manf=Read-Host "Enter your First name:"
[String]$manl=Read-Host "Enter your Last name:"
$San = Read-Host "Enter your Employee ID"
$saneml=(Get-Recipient -Identity $San).PrimarySmtpAddress
$adgid=(Get-Recipient -Identity DR-$manf$manl).PrimarySmtpAddress
$adg=(Get-AzureADGroup -ObjectId $adgid).ObjectID
$userId = (Get-AzureAdUser -ObjectId $saneml).ObjectId
$mem = Get-Aduser -identity $San -Properties directreports | %{$_.directreports}
Write-Host "You have" $mem.Count "Direct reports"
if ($mem -eq $null)
{
Write-Host "Error! This request cannot be fulfilled as you are not a manager..." -ForegroundColor Yellow
}
else
{
Write-Host "Working on creating Manager's DL: DR-$manf$manl" -ForegroundColor Green
Start-Sleep -Seconds 5
#New-UnifiedGroup -Name "DR-$manf$manl" -MailEnabled $true -Description "This is Managers DL"
New-UnifiedGroup -DisplayName DR-$manf$manl -Alias DR-$manf$manl -AccessType Private -Owner $San
Start-Sleep -Seconds 5
Set-UnifiedGroup "DR-$manf$manl" -UnifiedGroupWelcomeMessageEnabled:$false -AutoSubscribeNewMembers:$true -SubscriptionEnabled:$true
Start-Sleep -Seconds 30
Set-UnifiedGroup "DR-$manf$manl" -UnifiedGroupWelcomeMessageEnabled:$false -AutoSubscribeNewMembers:$true -SubscriptionEnabled:$true
Start-Sleep -Seconds 30
Set-AzureADMSGroup -Id $adg -GroupTypes @("DynamicMembership", "Unified") -MembershipRuleProcessingState "On" -MembershipRule "(user.directreportsfor -eq $userId)"
}
Any help is appreciated. Thanks.