Add security groups to Office 365 groups
I need a way of making security groups part of an Office 365 group. I want to be able to add users to a security group and then they are automatically a member of a Office 365 group.
Dynamic group membership only appears to work for user attribute values and not their group membership.
Hi, As announced at Ignite Sep 2020, we will be making this functionality available as an open source tool by the end of the year. It can be used to pull in 1 or more security groups (nested or not) to drive the membership of a M365 Group. The membership will be pulled in as a flat list and kept in sync with the security group membership. However, if you have a pressing need for it before then, please reach out to GMMSupport@service.microsoft.com for a download of the tool. There is no support provided for the tool from Microsoft, other than answering any question around how we use it here. Link to the tool demo at Ignite: Making IT more efficient with improvements to Microsoft 365 Groups – https://aka.ms/Admin1011
Hans Vis (@Cavero) commented
That's great that it's in the plans!
Tim de Jong commented
Mark Burland commented
The easy fix here is to make AAD Premium go away and fold those key features into Core Office 365.
Our management want to use 'teams' in our organisation (+ 1000 users) but missing active directory integration is a huge drawback to roll out Teams !
Pieterjan H. commented
We're trying to use Stream, but without our security groups available, which are well curated, we need a way to either use security groups in Stream, or automatically sync/merge the security groups into Office365 groups.
Peter Leahy commented
We're busy implementing SharePoint Online and Office 365 this seems a silly thing to be missing, you can add a group to a SharePoint group but not a 365 group.
We have a nice role based permission model in our AD that would fit perfectly into the groups but we can't use it.
Jiří Schimmer commented
I guess we all agreed that enterprise really needs this feature, now some response from MS would be nice - there are ideas with less votes and there is a comment.
Chad Heidorn commented
We need to be able to add security groups as group owners so we can more effectively manage these groups. Office 365 groups need to be available so they can be added to security groups. We can't create and manage duplicate groups for every Office 365 group.
I can't understand why this get forgotten by design. Since local Security groups are still needed this is an urgent need because no organsiation wants to handle user and groups twice.
Daniel Schnyder commented
Top issue in our customer projects. Yes please, we need nesting of AD groups in Office 365 Groups
Daniel W commented
This is sorely needed!
Please implement this feature as we cannot have a scalable employee onboarding process otherwise.
Reinier van Schaik commented
A company migrate normal from an existing AD, by ADFS, to Office 365. Therefore it's important to use security group membership to Office 365 (Teams/SharePoint).
All one place of organisation
This is really so import for every organisation, which has many changes in their organisationstructure. In our case we have 4 times a year a big change in out HR structure resulting in a mess of changing group permissions. It would be so much easier with security groups.
Wade Baugher commented
This issue seriously undermines the usability of the entire Teams/SPO integration.
The whole group thing is a mess and I would perceive that MS is using this to drive companies to the Cloud and away from on-prem.
The real problems are the lack of interoperability, the lack of nested group support and how GPOs are applied and leveraged.
MS has created User Group Entities in MS Teams that can 1way sync to Office 365 group entities that are populated in AzureAD but cannot be linked to the AzureAD on-prem groups that are synced.
This screams of a Development group that does not understand the functionality or power of the core components that made Active Directory Successful. I believe that this is evident by the lack of Nesting Support.
I agree this is a real must have for many larger companies. We need both of them. Flexible and dynamic teams where a projectleader manages the members can be done from the Office 365 Group. And we need more static teams (departments) to be managed centrally from AAD or Active Directory on-prem using security groups.
I'm working with a company with +3000 low tech users world wide. They've invested tons of hours on AD Security Groups using their HR system as a master data. Implementing Microsoft Teams is not an option as long as AADConnect/AAD lack this capability. Any timeframe when this is going to happen?
This is a nightmare. We only have 80 users, but I am ONE person over 3 locations and many groups with some turnover in the lower levels. The cost of AAD Premium is freaking outrageous for my company. Only have the users have O365 Prem because of cost.
Matt Chapman commented
How does this get escalated to the top of the backlog? This is basic functionality that should be a requirement for the product to be considered viable. Group nesting should work by default even for synchroniced groups from on premise or Azure AD groups.
We have multiple teams and spend time adding users manually one by one.
For example : a team to discuss a product launch involving marketing dpt and r&d dpt... we need to add 500 users one by one when there are AD Security Groups in AD