Add security groups to Office 365 groups
I need a way of making security groups part of an Office 365 group. I want to be able to add users to a security group and then they are automatically a member of a Office 365 group.
Dynamic group membership only appears to work for user attribute values and not their group membership.
Hi, As announced at Ignite Sep 2020, we will be making this functionality available as an open source tool by the end of the year. It can be used to pull in 1 or more security groups (nested or not) to drive the membership of a M365 Group. The membership will be pulled in as a flat list and kept in sync with the security group membership. However, if you have a pressing need for it before then, please reach out to GMMSupport@service.microsoft.com for a download of the tool. There is no support provided for the tool from Microsoft, other than answering any question around how we use it here. Link to the tool demo at Ignite: Making IT more efficient with improvements to Microsoft 365 Groups – https://aka.ms/Admin1011
Steve Shipway commented
I knew office365 was going to be bad, but hadn't realised it was THIS bad. How could they release it without the basic capability of adding a Group into the Owner/Member lists? You can already do this with distribution lists, and shared mailboxes. Why omit office groups from the capability?
This makes administration of an organisation with a large number of groups extremely time consuming and awkward. Far better to stick with distribution lists for email, and use Slack for collaboration. Just drop Teams until it catches up with the 21st century.
Don't sleep on this.
This is a critical feature we need to have working as soon as possible! Surely it can't be that hard to make this happen? Please confirm the status of the plans to incorporate this feature into Office 365.
Also adding my voice to the choir requesting an update. Thanks!
James Torrence commented
Adding to the choir of folks requesting an update - thanks!
Is there any update on this ?
I'd like to know the status of this feature too. I kind of thought this would be already available :)
Can I send you guys the list of users to add and remove since you want to wait an additional year for this? You know what kind of pain in the but it is to not be able to use security groups for this?!!
What's the latest on this? The last MS update was nearly a year ago and the roadmap delivery for this has shifted to 2021. What's the holdup - this feature is incredibly important.
There is a way to get members from security groups in office365 group by creating the group from scratch in MS Teams.
But why the hell its till now not possible to get it synchronized dynamically? this is a MUST! Whats so difficult to implement?
What @danny said. Whats going on with this?
This was supposed to be rolled out by end of CY2019 and on Jan 3, 2020 it was updated until Q1 CY2021. Is there a reason why this was delayed for over a year AFTER the delivery timeline was missed. This is a huge issue for large AD deployments as adding over 50K users to Office 365 groups and maintaining that synchronization between AD security groups and Office 365 groups is a maintenance and governance nightmare.
wow only available from Q1 CY2021?
The roadmap is now reading release of CY2019 but still 'In Development'. Whats happening?
Gabe Consults commented
There's a PowerShell workaround for this as a stop gap solution.
Will O365 groups support security groups created in both Azure AD and Local AD, or only security groups created in Azure AD?
FYI the implementation for this is scheduled for Q1 CY2020 according to the Office 365 Roadmap: https://www.microsoft.com/en-us/microsoft-365/roadmap?ms.url=roadmap&rtc=1%26filters=&searchterms=Group%2Cdriven%2Cmembership
Which means we will be lucky if we see it by the end of Q2...
How does this basic functionality not exist yet? It is fundamental!
Even setting up a basic SharePoint environment with a few sites, I have my users from different guest organisations in security groups - I shouldn't have to manually add every individual to every O365 Group site.
This is currently stated as "In the Plans"... this should be a top priority!
Will i then be able to populate a dynamic o365 security group using an LDAP attribute and then use that dynamic security group to populate o365 groups and shared mailboxes?
For example. Out identity management system automatically populate the LDAP attribute City depending on location. I then want O365 to use that city attribute to automatically assign those users to the corresponding Team, Distribution group and Shared mailbox.
I can do this today with a dynamic O365 group but not afaik with Shared mailboxes.
Margaret Auld-Louie commented
It is crazy that this feature doesn't exist yet. It makes the O365 groups not very usable, as we have all our staff in mail-enabled security groups in AD, that we use for granting rights to things in O365 like resource calendars. It's too much to keep track of to also have to put them individually into O365 groups. We need to be able to add these security groups as members of the O365 groups.