How To Create SharePoint Group And Add User Using PnP PowerShell

This article will help you to understand, how to create SharePoint group and add users using PnP Power Shell module

Before we begin, we need to make sure what type of PnP module had been installed in your machine. To check please execute the following command in PowerShell

  1. Get-Module SharePointPnPPowerShell* -ListAvailable | Select-Object Name,version   
How To Create SharePoint Group And Add User Using PnP PowerShell

In case you receive any error like “SharePointPnpPowershell module couldn’t find in this computer," then you need to download and install the latest version of PnP Module. To install the latest version please execute the below mentioned command to download and install directly from the PowerShell gallery

Open Powershell in Administrator mode and execute the below command,

  1. Set-Executionpolicy remotesigned  
  2.  
  3. #For SharePoint Online  
  4. Install-Module SharePointPnPPowerShellOnline   
  5.  
  6. #For SharePoint 2016  
  7. Install-Module SharePointPnPPowerShell2016  
  8.  
  9. #For SharePoint 2019  
  10. Install-Module SharePointPnPPowerShell2019  
Here I am using SharePoint Online, so I installed SharePoint Online PnP module as you can see in my first image of this article. Once everything got installed then we are ready to connect the SharePoint online using PnP PowerShell.  
  1. #To connect SharePoint Online  
  2. Connect-PnPOnline -Url https://tenant.sharepoint.com -UseWebLogin   

Here I am using –UseWebLogin to authenticate my credentials through browser interface to overcome the MFA Authentication.

Once it got connected, just execute the below command to create a SharePoint Group,

  1. New-PnPGroup -Title "Custom"  
On the above command, you can provide some more parameters like owner, Description, AllowRequestTojoinLeave. In this case, I didn't give the owner's name while creating the group but it will consider who is executing this script as an owner and it will add it in property bag.
 
And by default, it will add the SharePoint Group owner ID as a first entry. To check you can execute the below command to list out the users who are already added in that group,
  1. Get-PnPGroupMembers -Identity "Custom"   
How To Create SharePoint Group And Add User Using PnP PowerShell

If the above command returns a successful result then execute the below command to add users to the SharePoint group,

  1. Add-PnPUserToGroup -LoginName userid@domain.com -Identity "Custom"   
How To Create SharePoint Group And Add User Using PnP PowerShell
 
Once the command passes to another line execute the get-PnPGroupMembers command to make sure that user ID is added successfully,
 
How To Create SharePoint Group And Add User Using PnP PowerShell
 
So this is the way to add users to the respective sharepoint group and if you want to remove person from the SharePoint group then you can follow the below command to do that.
  1. Remove-PnPUserFromGroup -LoginName userid@domain.com -Identity "Custom"  
Then if you are looking to delete the SharePoint Group, then the below command will help you to do so,
  1. Remove-PnPGroup -Identity "Custom"  
We can perform aditional activities like add/change the SharePoint Group permissions. The below given command will add a permission group to your sharepoint group. In this case my SharePoint Group is already created with Read permission, so by executing the below command it will make my sharepoint group as Read+Contribute permission level.
  1. Set-PnPGroupPermissions -Identity "Custom" -AddRole Contribute  
If you want to remove the exisitng group permission and add new permission level then the below command will help you though,
  1. Set-PnPGroupPermissions -Identity "Custom" -RemoveRole "Read" -AddRole "Full Control"  
Just consider, you are using one Sharepoint list with unique permission and there you want change the permission level for any sharepoint group. Then you can add the parameter called -List to declare your Sharepoint list name,
  1. Set-PnPGroupPermissions -Identity "Custom" -List "CustomList" -RemoveRole "Read" -AddRole "Contribute"