cipp-groupslisted

Use this skill when listing or creating M365 groups in CIPP — security groups, distribution lists, M365 groups, mail-enabled security groups. Covers tenant-scoped group enumeration and creation as part of user onboarding or access-management workflows.
wyre-technology/msp-claude-plugins · ★ 28 · DevOps & Infrastructure · score 80

Install: claude install-skill wyre-technology/msp-claude-plugins

# CIPP Groups Groups in CIPP cover all four Entra/M365 group types: Security, Microsoft 365 (unified), Distribution List, and Mail-Enabled Security. Most groups are managed through CIPP for delegation simplicity, but membership changes for individual users typically flow through `cipp_list_user_groups` (read) and the M365 plugin or graph-API for write operations. ## Tools ### `cipp_list_groups` ``` cipp_list_groups(tenantFilter='contoso.onmicrosoft.com') ``` Returns all groups in the tenant with `id`, `displayName`, `groupTypes`, `mailEnabled`, `securityEnabled`, and member count. Use to audit group sprawl, find candidate distribution lists for cleanup, or resolve group names to IDs. ### `cipp_create_group` ``` cipp_create_group(tenantFilter, displayName, description?, groupType='Security'|'Microsoft 365'|'Distribution'|'Mail-Enabled Security', mailNickname?, members?) ``` `mailNickname` is required for any mail-enabled group type. Members can be supplied at creation time as a list of UPNs or object IDs. ## Group type matrix | Type | Mail-enabled | Use case | |------|--------------|----------| | Security | No | RBAC, conditional access scoping, license assignment | | Microsoft 365 | Yes | Teams, SharePoint, shared inbox + collaboration | | Distribution | Yes | Email distribution only, no shared workspace | | Mail-Enabled Security | Yes | Both: mail distribution AND security scoping | Pick **Security** for permissions-only, **Micr