Microsoft 365 Distribution Group Management with PowerShell

Managing distribution groups through the Microsoft 365 admin center works for small changes, but when you need to add 20 new employees to multiple groups or clean up membership after an acquisition, PowerShell is essential.

Connect to Exchange Online

# Install if needed
Install-Module ExchangeOnlineManagement

# Connect
Connect-ExchangeOnline -UserPrincipalName [email protected]

Basic Member Management

Add a single user to a distribution group:

Add-DistributionGroupMember -Identity "[email protected]" -Member "[email protected]"

Remove a user from a distribution group:

Remove-DistributionGroupMember -Identity "[email protected]" -Member "[email protected]"

Check group membership:

Get-DistributionGroupMember -Identity "[email protected]"

Bulk Operations from CSV

Create a CSV file with columns: GroupEmail, UserEmail, Action

GroupEmail,UserEmail,Action
[email protected],[email protected],Add
[email protected],[email protected],Add
[email protected],[email protected],Remove

Process the CSV:

$changes = Import-Csv "C:\Temp\GroupChanges.csv"

foreach ($change in $changes) {
    if ($change.Action -eq "Add") {
        try {
            Add-DistributionGroupMember -Identity $change.GroupEmail -Member $change.UserEmail -Confirm:$false
            Write-Host "Added $($change.UserEmail) to $($change.GroupEmail)"
        }
        catch {
            Write-Host "Failed to add $($change.UserEmail) to $($change.GroupEmail): $($_.Exception.Message)"
        }
    }
    elseif ($change.Action -eq "Remove") {
        try {
            Remove-DistributionGroupMember -Identity $change.GroupEmail -Member $change.UserEmail -Confirm:$false
            Write-Host "Removed $($change.UserEmail) from $($change.GroupEmail)"
        }
        catch {
            Write-Host "Failed to remove $($change.UserEmail) from $($change.GroupEmail): $($_.Exception.Message)"
        }
    }
}

Add All Users from a Department

Add all users from the Sales department to the SalesTeam group:

$salesUsers = Get-User -Filter "Department -eq 'Sales'" | Select-Object -ExpandProperty UserPrincipalName

foreach ($user in $salesUsers) {
    Add-DistributionGroupMember -Identity "[email protected]" -Member $user
}

Nested Groups (Groups within Groups)

Add one distribution group as a member of another:

Add-DistributionGroupMember -Identity "[email protected]" -Member "[email protected]"

This allows hierarchical group structures. When someone emails CompanyWide, it goes to everyone including the SalesTeam group members.

Replace All Members (Complete Refresh)

Sometimes you need to completely replace group membership:

# Get current members
$currentMembers = Get-DistributionGroupMember -Identity "[email protected]" | Select-Object -ExpandProperty PrimarySmtpAddress

# Remove all current members
foreach ($member in $currentMembers) {
    Remove-DistributionGroupMember -Identity "[email protected]" -Member $member -Confirm:$false
}

# Add new members from CSV
$newMembers = Import-Csv "C:\Temp\NewProjectMembers.csv"
foreach ($member in $newMembers) {
    Add-DistributionGroupMember -Identity "[email protected]" -Member $member.Email
}

Group Management and Permissions

Change who can send to the group (requires Owner permissions):

Set-DistributionGroup -Identity "[email protected]" -AcceptMessagesOnlyFrom "[email protected]"

Allow external senders:

Set-DistributionGroup -Identity "[email protected]" -RequireSenderAuthenticationEnabled $false

Add group owners:

Set-DistributionGroup -Identity "[email protected]" -ManagedBy "[email protected]" -BypassSecurityGroupManagerCheck

Reporting and Auditing

Get detailed group information:

Get-DistributionGroup -Identity "[email protected]" | Format-List

List all distribution groups:

Get-DistributionGroup | Select-Object DisplayName, PrimarySmtpAddress, MemberCount

Export membership for all groups:

$groups = Get-DistributionGroup
$results = @()

foreach ($group in $groups) {
    $members = Get-DistributionGroupMember -Identity $group.PrimarySmtpAddress
    foreach ($member in $members) {
        $results += [PSCustomObject]@{
            GroupName = $group.DisplayName
            GroupEmail = $group.PrimarySmtpAddress
            MemberName = $member.DisplayName
            MemberEmail = $member.PrimarySmtpAddress
        }
    }
}

$results | Export-Csv "C:\Temp\AllGroupMemberships.csv" -NoTypeInformation

Common Issues and Solutions

Error: "The operation couldn't be performed"

• Check if you have the right permissions (Distribution Group admin role)
• Verify the user/group email addresses are correct
• Make sure you're not adding a user to their own group

Member count shows zero but people receive emails

• Could be nested groups - check Get-DistributionGroupMember recursively
• Or dynamic groups - check recipient filter

Changes don't take effect immediately

• Exchange Online changes can take 5-15 minutes to propagate
• Restart Outlook to refresh address book

Best Practices

• Use CSV files for bulk changes: Easier to track and audit
• Test with small groups first: Make sure your script works before running on large groups
• Document group purposes: Use notes field to explain what each group is for
• Regular cleanup: Remove inactive users from groups quarterly
• Naming convention: Use consistent naming like "[email protected]"

Quick Reference

# Connect
Connect-ExchangeOnline

# Add member
Add-DistributionGroupMember -Identity "[email protected]" -Member "[email protected]"

# Remove member
Remove-DistributionGroupMember -Identity "[email protected]" -Member "[email protected]"

# List members
Get-DistributionGroupMember -Identity "[email protected]"

# Add from CSV
Import-Csv "members.csv" | ForEach-Object {Add-DistributionGroupMember -Identity $_.Group -Member $_.User}

# Nested group
Add-DistributionGroupMember -Identity "[email protected]" -Member "[email protected]"

Distribution group management is one of those tasks that seems simple until you have 50 groups and need to add 30 new hires to 15 of them. PowerShell makes it manageable.