Add security groups to Office 365 groups
I need a way of making security groups part of an Office 365 group. I want to be able to add users to a security group and then they are automatically a member of a Office 365 group.
Dynamic group membership only appears to work for user attribute values and not their group membership.
We have announced that Group Owners will be able to leverage existing groups to drive membership in Office 365 Groups.
I have dozens of crufty old AD groups that I need to turn into Teams now that we've migrated to 365. Do I really have to do all this work twice?
well, this is a surprise and a giant disappointment. how could they have not realized this was necessary and one of the most basic features for management? please put this at the top of your list.
Rick Westall commented
How has this STILL not been implemented? This missing feature makes many aspects of Streams and other new features un-useable, as we cannot manually update every O365 Group every time a member leaves, changes positions, or joins.
Jakob Nøtseth commented
Implementing for education, I see most already have and use Microsoft Identity Manager to create user objects and security groups in local AD from SIS and HR combined. Microsoft has come up with the SDS for creating O365 groups based on SIS alone. We need a better route to go from local security groups to O365 groups. Most practical would probably be to make it possible to manage from Microsoft Identity Manager / AAD Connect, and not use SDS. I rather not have duplicate groups, one security, one O365 with the same members. I suggest to exclude OU-s with class/enrollments security groups from AAD Connect, and then get a Azure AD Connector able to write O365 groups and education specific attributes in place of SDS in Microsoft Identity Manager.
Amazing this is not there.....O365 is such a pain to manage. This is such a basic feature that is missing. So much for best practices using security groups.
Use case: In my large company, I want all members of the Project Management team to have access to multiple teams - PM Community, Finance Hub, Portfolio Updates. When staff changes happen, manual updates are required to each Team individually. We are trying to achieve role-based access control - please help! Using attributes like Title or Department and dynamic groups is not flexible enough and open to risk of unauthorised access as these fields are driven from our HR system and get changed when position and position descriptions change.
'leverage existing group to drive membership' means what exactly...
If you aren't going to update this thread, and you aren't going to fix the Problem, get rid of Microsoft 365 Groups. These are a nightmare without real feedback and information from more recently than 15 months ago. Users are going crazy making groups all over the place, and you are leaving us admins to clean up their mess and explain why this 'feature' no one asked for is poorly implemented.
How about an update....
Eric Miller commented
Please fix this soon, it makes MS Streams unusable for us at this point.
Matt Farley commented
This is vital functionality for adoption of Teams as a core Enterprise tool. Managing access to private teams is already becoming a headache, reminiscent of the early SharePoint experience.
Richard Cooke commented
Why is this not available? Microsoft advice years ago was to use groups instead of individuals when granting access for easier administration. I set up groups for the various teams and roles in our organisation, I want to add new users to the team and role groups and be done. Not have to go hunting around every SharePoint site and Team to find out which ones a new user should access. Admin nightmare!
How is this functionality still not available? This would make administration so much better!
Mike Heath commented
Any update on this request? We'd really like the ability to more easily manage our org-wide Team!
When will there be an update on this request?
Julian Thornley commented
Over a year later & no update....
The admin response is unclear and broad. Currently in O365 Groups, you can "add" another O365 Group which strips out the usernames and not the retain Group itself. The issue with this approach is if new users are added to the other O365 Group, the change is not reflected in the current group. Unless MS plans to redesign AAD framework/architecture to O365 Groups, adding SG/UG is best .
Lets do this. Managing Teams and am creating RW and R only groups and would like to make this easy... For instance the whole school should have Read-Only with small group having Read-Write to a team
How about an update Microsoft?
Let’s get them! People let’s leave comments until they hear us!!!!!
Yearsss to do this ..
This script (explained in German) Maybe helps some of you as a workaround: https://vznet.ch/verschachteln-einer-security-gruppe-in-eine-office-gruppe-im-azure-ad-via-powershell/
Anand Makhecha commented
Wow, I have been waiting for this missing feature since 2016. Dumbfounded that 4 years on and still no real progress, Come on MS please make it happen, it really can't be that difficult ?