Home
PowerShell
New-MgGroupOwnerByRef

How to add owners to Microsoft Entra ID groups using New-MgGroupOwnerByRef

Adding owners to Entra ID groups

Admins assign owners to Microsoft Entra ID groups to delegate management responsibilities, ensuring proper oversight of group memberships, permissions, and access. While Microsoft Graph PowerShell's New-MgGroup Owner ByRef command, an alternative to PowerShell's Add-AzureADGroupOwner command, can be used to add owners to Entra ID groups, this process is both time-consuming and error-prone. In contrast, ManageEngine ADManager Plus, a Microsoft 365 management and reporting tool, streamlines the task, enabling administrators to quickly add owners to Entra ID groups with just a few clicks.

ADManager Plus
PowerShell

Adding owners to Entra ID groups using ADManager Plus

Log in to ADManager Plus and navigate to Microsoft 365 > Management > Group Management.
Under Bulk Group Modification, select the type of Entra ID group to which you want to add owners. You can add owners to Microsoft 365 groups, distribution groups, mail-enabled security groups, security groups, and dynamic distribution groups.
Click the Add Owner(s) radio button. Select the users to be assigned ownership from the Select Owner field.
From the Microsoft 365 Tenant drop-down list, select the desired tenant.
In the Select Group(s) field, search for the groups to which you wish to assign the selected owners and click Find. You can also upload a CSV file to add groups in bulk.
Select from the list of groups generated and click Apply.

Add owners to Entra ID groups using ADManager Plus

Get started

Adding owners to Entra ID groups using Graph PowerShell

Prerequisites

Before using the New-MgGroupOwnerByRef cmdlet, ensure the following prerequisites are met:

Make sure the Graph PowerShell module is installed. If not, install it using this script:
Install-Module Microsoft.Graph -Scope CurrentUser
Connect to Graph PowerShell with the following permission to add owners to Entra ID groups:
Group.ReadWrite.All

Using the New-MgGroupOwnerByRef command to add owners to Entra ID groups

The New-MgGroupOwnerByRef cmdlet can be used in Graph PowerShell to add owners to Entra ID groups. Here's the syntax:


                                    New-MgGroupOwnerByRef 

                                     -GroupId <String> 

                                     [-ResponseHeadersVariable <String>] 

                                     -OdataId <String> 

                                     [-AdditionalProperties <Hashtable>] 

                                     [-Headers <IDictionary>] 

                                     [-PassThru] 

                                     [-ProgressAction <ActionPreference>] 

                                     [-WhatIf] 

                                     [-Confirm] 

                                    [<CommonParameters>]

Example use cases and scripts using the New-MgGroupOwnerByRef cmdlet

Add an owner to a group


                                    $newGroupOwner =@{ 

                                      "@odata.id"= "https://graph.microsoft.com/v1.0/users/{4de19c17-6a28-4a91-86d1-f717c3c8c229}" 

                                      } 

                                    New-MgGroupOwnerByRef -GroupId '1cb7317c-9c49-4dc8-a358-67ad8e95217c' -BodyParameter $newGroupOwner

Supported parameters

The following table contains some parameters that can be used along with the New-MgGroupOwnerbyRef command to efficiently add members to Entra ID groups:

Parameters	Description
-GroupId	This parameter displays the unique identifier for the group.
-Headers	This parameter allows you to add optional headers to the request.
-OdataId	This parameter displays the entity reference URL of the resource.
-PassThru	This parameter returns true when the command succeeds.
-WhatIf	This parameter displays the outcome if the cmdlet is executed.

Limitations of using Graph PowerShell scripts to add owners to Entra ID groups

Graph PowerShell requires IT admins to upgrade from Azure AD PowerShell and have familiarity with PowerShell scripting.
The Graph API imposes throttling limits, which may affect performance when adding owners to groups in bulk.
Identifying and troubleshooting errors can be time-consuming and can require technical expertise.
It may require extra effort to format and export the data from scripts for reporting purposes.
The lack of a built-in graphical interface and user-friendly reports makes management and monitoring difficult for administrators.

Highlights of using ADManager Plus to add owners to Entra ID groups

Get reports on and manage Entra ID groups with an easy-to-use interface, eliminating the need for complex PowerShell scripting or Graph API knowledge.
Add unlimited owners to groups simultaneously by importing a CSV file—without throttling or API restrictions.
Generate more than 200 prepackaged reports, with options to customize and export them in various formats, such as CSV or HTML, in a few clicks.
Use prebuilt or custom templates to standardize management and reporting tasks.
Delegate specific management and reporting tasks to technicians without granting them excessive permissions.

Simplify Entra ID group management with ADManager Plus

Try it now for free

Adding owners to Entra ID groups
Adding owners to Entra ID groups using ADManager Plus
Adding owners to Entra ID groups using Graph PowerShell
Limitations of using Graph PowerShell scripts to add owners to Entra ID groups
Highlights of using ADManager Plus to add owners to Entra ID groups

Related features:

Related Powershell Guides: