Home
PowerShell
Remove-MgGroupFromLifecyclePolicy

How to delete Microsoft Entra ID groups from life cycle policies using Remove-MgGroupFromLifecyclePolicy

Deleting a Microsoft Entra ID group from a life cycle policy

Managing Microsoft Entra ID group life cycle policies is crucial for enforcing governance and automating group management. IT administrators often need to remove specific groups from a life cycle policy to adjust retention settings or exclude them from automated expiration rules. While the Remove-MgGroupFromLifecyclePolicy PowerShell command in Microsoft Graph allows admins to detach groups from a life cycle policy, it requires scripting expertise and manual execution.

ManageEngine ADManager Plus is a comprehensive identity governance and administration solution that simplifies Microsoft Entra ID management and reporting. With powerful management actions and detailed reports, it streamlines administrative tasks and reduces IT workload.

Delete Microsoft Entra ID groups from life cycle policies using Microsoft Graph PowerShell

Prerequisites

Before running the Remove-MgGroupFromLifecyclePolicy cmdlet, ensure the following requirements are met:

The Microsoft Graph PowerShell module is installed. If it’s not installed, use the following command:
Install-Module Microsoft.Graph -Scope CurrentUser
Connect to Microsoft Graph PowerShell with the necessary permissions to read group details:
Connect-MgGraph -Scopes "Group.ReadWrite.All"

Using the Remove-MgGroupFromLifecyclePolicy cmdlet to remove a Microsoft Entra ID group from a life cycle policy

Use the Remove-MgGroupFromLifecyclePolicy cmdlet in Microsoft Graph PowerShell to remove Microsoft Entra ID groups from life cycle policies. The syntax is as follows:


                                    Remove-MgGroupFromLifecyclePolicy 

                                         -GroupLifecyclePolicyId <String> 

                                         [-ResponseHeadersVariable <String>] 

                                         [-AdditionalProperties <Hashtable>] 

                                         [-GroupId <String>] 

                                         [-Headers <IDictionary>] 

                                         [-ProgressAction <ActionPreference>] 

                                         [-WhatIf] 

                                         [-Confirm] 

                                    [<CommonParameters>]

Example use case and script using the Remove-MgGroupFromLifecyclePolicy cmdlet

Example: Remove a group from a life cycle policy

Use this Graph PowerShell command to remove a Microsoft Entra ID group from a life cycle policy.


                                    Import-Module Microsoft.Graph.Groups 

                                    $params = @{ 

                                    	groupId = "3b27f8a3-9c4b-4d3b-bc72-2a4f6e2d9a0d" 

                                    } 

                                    Remove-MgGroupFromLifecyclePolicy -GroupLifecyclePolicyId $groupLifecyclePolicyId -BodyParameter $params

Supported parameters

The table below lists key parameters that can be used with the Remove-MgGroupFromLifecyclePolicy cmdlet to remove Microsoft Entra ID groups from life cycle policies.

Parameters	Description
-Confirm	This is to confirm before running the cmdlet.
-GroupLifecyclePolicyId	This is the unique identifier of the group life cycle policy.
-GroupID	This is the unique identifier of a group.
-WhatIf	This shows what would happen if the cmdlet was run.

Challenges of using Graph PowerShell scripts to remove Microsoft Entra ID groups from life cycle policies

Removing Microsoft Entra ID groups from life cycle policies requires precise Graph PowerShell scripting and elevated permissions, making it challenging for admins unfamiliar with PowerShell.
The Microsoft Graph API enforces throttling limits, which can delay bulk modifications and disrupt automated policy updates.
Troubleshooting failures, such as permission errors or dependency conflicts, can be time-consuming and require deep technical expertise.
Without a graphical UI, managing life cycle policy changes via PowerShell can be cumbersome, increasing the risk of misconfigurations.

Why use ADManager Plus for management and reporting?

Create, update, and manage Microsoft 365 users; assign or revoke licenses in bulk; and streamline provisioning—all without PowerShell.
Easily oversee Microsoft 365, security, and Microsoft Entra ID groups, managing memberships, owners, and attributes from a single interface.
Generate detailed reports on users, groups, licenses, mailbox activity, and security settings to enhance visibility and ensure compliance.
Automate key Microsoft 365 tasks like user onboarding, group updates, and license management while enforcing approval-driven workflows.
Assign specific Microsoft 365 management tasks to help desk teams with granular access controls, reducing administrative workload.

Manage Microsoft Entra ID groups and group memberships in bulk using ADManager Plus

Try it now for free

Deleting a Microsoft Entra ID group from a life cycle policy
Delete Microsoft Entra ID groups from life cycle policies using Microsoft Graph PowerShell
Challenges of using Graph PowerShell scripts to remove Microsoft Entra ID groups from life cycle policies
Why use ADManager Plus for management and reporting?

Related features:

Related Powershell Guides: