Add security groups to Office 365 groups
I need a way of making security groups part of an Office 365 group. I want to be able to add users to a security group and then they are automatically a member of a Office 365 group.
Dynamic group membership only appears to work for user attribute values and not their group membership.
Hi! As we announced during Ignite this year, we are releasing an open source tool by the end of the year that can be used to pull in one or more security groups (nested or not) into the membership of large Microsoft 365 Groups. The membership will be pulled in as a flat list and kept in sync with the security group membership. Having Azure subscriptions is a pre-requisite to using this tool. If you have an urgent and immediate need for the tool, please reach out to GMMSupport@service.microsoft.com for a download link. Microsoft is releasing the tool without support, other than answering questions about how we use it internally. Link to the demo video: https://aka.ms/Admin1011
These "user voice" forums are useless. Another post that's over 2-years, 4500 votes...and the feature still doesn't exist. I can add a shared mailbox to a O365 group but not a security group, distribution list, or MESG... Microsoft has been going downhill the past 2 years, sad.
One of the biggest challenges today is keeping the team memberships in order.
Teammemberships constant change and we want to give the user one list to keep in order. All the rest should follow automaticly.
We use already a long security/Distribution groups for controlling authorisation in different 3th party applications, file server permission, etc.
This makes it so bizar that today you can only add members based on a distribution list, but afterwarths there is nog link anymore :(
Mohammad Fayaz commented
This really needs to be sorted out, it's a real pain.
Why was this not a ground up feature as it is with anything Microsoft? Doesnt quite make sense to break BP randomly.....
Looks like this is a June 2021..as per Roadmap
Di Cortado commented
Looking to see this implemented as well.
Any updates on this? We are having to limit the use of Teams in certain use cases do to the lack of dynamic group membership updates from AAD. No one wants to manually manage or duplicated groups already in AAD.
Kayleigh Limacher commented
i'm another one that wants this, we are migrating hundreds of users from the old way of managing to the new and this is going to be a severe pain in the proverbial.
Is there an ETA ?
Vojta Wagner commented
As everybody here for me the same two BIG issues:
1. Full possibility to nest an O365 group into another one for administration
2. Possibility to nest O365 groups in an Exchange Distribution List
Some reaction from Microsoft seen in this thread, hopefully ACTION soon!
James Harris commented
Yet to be implemented. Just waited an hour for a client on this to come back with SooL.
Just causes more costs for clients to manage double the groups.
PLEASE implement this change. It was possible to add security groups as channel owners in the old Microsoft Video Center so I really don't understand why that changed with the migration to Stream. For our old channels that migrated to Stream and became groups, the security group is still the owner of the group! But we can't add a security group to any new Office 365 groups that we create. We have a lot of people that need to be group owners so to add everyone manually is going to take a lot of time. It's ridiculous.
Anyone have a constructive update on this?
I have dozens of crufty old AD groups that I need to turn into Teams now that we've migrated to 365. Do I really have to do all this work twice?
well, this is a surprise and a giant disappointment. how could they have not realized this was necessary and one of the most basic features for management? please put this at the top of your list.
Rick Westall commented
How has this STILL not been implemented? This missing feature makes many aspects of Streams and other new features un-useable, as we cannot manually update every O365 Group every time a member leaves, changes positions, or joins.
Jakob Nøtseth commented
Implementing for education, I see most already have and use Microsoft Identity Manager to create user objects and security groups in local AD from SIS and HR combined. Microsoft has come up with the SDS for creating O365 groups based on SIS alone. We need a better route to go from local security groups to O365 groups. Most practical would probably be to make it possible to manage from Microsoft Identity Manager / AAD Connect, and not use SDS. I rather not have duplicate groups, one security, one O365 with the same members. I suggest to exclude OU-s with class/enrollments security groups from AAD Connect, and then get a Azure AD Connector able to write O365 groups and education specific attributes in place of SDS in Microsoft Identity Manager.
Amazing this is not there.....O365 is such a pain to manage. This is such a basic feature that is missing. So much for best practices using security groups.
Use case: In my large company, I want all members of the Project Management team to have access to multiple teams - PM Community, Finance Hub, Portfolio Updates. When staff changes happen, manual updates are required to each Team individually. We are trying to achieve role-based access control - please help! Using attributes like Title or Department and dynamic groups is not flexible enough and open to risk of unauthorised access as these fields are driven from our HR system and get changed when position and position descriptions change.