Getting the owner of a Group in Entra ID (FKA Azure AD or AAD) involves three steps:

• Know the name of the Group/s you want to get the owners of
• Find the ObjectId of those respective Group/s using Get-AADGroup
• Provide the ObjectId when invoking Get-AADGroupOwner

Step-by-Step Guide

Initial Variable Declaration

Define an initial variable; the string within the name of one or more groups. Do not use asterisks here.

$SearchString = "AAD_APP_TEST_"

Searching through ADGroups

Leverage Get-AzureADGroup and search for the respective $SearchString variable and assign the output to a new variable, in this case $Groups.

$Groups = Get-AzureADGroup -SearchString $SearchString

Initial Variable Declaration

Start building your ForEach loop which cycles through every group just collected. The Get-AzureADGroupOwner cmdlet can be leveraged by providing the ObjectId object belonging to the $Group variable (output of Get-AzureADGroup).

Assign the output of Get-AzureADGroupOwner to a new variable, such as $Owners.

ForEach ($Group in $Groups){
    $Owners = Get-AzureADGroupOwner -ObjectId $Group.ObjectId
}

Initial Variable Declaration

Note that each group may have more than one owner. Therefore, within this initial ForEach loop, you will need to build a nested ForEach loop to identify each owner for said group.

ForEach ($Group in $Groups){
    $Owners = Get-AzureADGroupOwner -ObjectId $Group.ObjectId
    ForEach ($Owner in $Owners){
        ...
        }
    }
}

Initial Variable Declaration

Within the nested ForEach loop, you now need to build a PSCustomObject. This PSCustomObject is very similar to a Hash Table (in PowerShell) or Dictionary (in Python) but distinctly different.