Add security groups to Office 365 groups
I need a way of making security groups part of an Office 365 group. I want to be able to add users to a security group and then they are automatically a member of a Office 365 group.
Dynamic group membership only appears to work for user attribute values and not their group membership.
Thanks to everyone for your feedback and votes on this item. We’re working through a couple of options and hope to have more information shortly. It’s a very difficult problem to solve since group membership is consumed across many different aspects of Microsoft 365. Thanks for your patience and keep the feedback coming!
Looks like this is a June 2021..as per Roadmap
Di Cortado commented
Looking to see this implemented as well.
Any updates on this? We are having to limit the use of Teams in certain use cases do to the lack of dynamic group membership updates from AAD. No one wants to manually manage or duplicated groups already in AAD.
Kayleigh Limacher commented
i'm another one that wants this, we are migrating hundreds of users from the old way of managing to the new and this is going to be a severe pain in the proverbial.
Is there an ETA ?
Vojta Wagner commented
As everybody here for me the same two BIG issues:
1. Full possibility to nest an O365 group into another one for administration
2. Possibility to nest O365 groups in an Exchange Distribution List
Some reaction from Microsoft seen in this thread, hopefully ACTION soon!
James Harris commented
Yet to be implemented. Just waited an hour for a client on this to come back with SooL.
Just causes more costs for clients to manage double the groups.
PLEASE implement this change. It was possible to add security groups as channel owners in the old Microsoft Video Center so I really don't understand why that changed with the migration to Stream. For our old channels that migrated to Stream and became groups, the security group is still the owner of the group! But we can't add a security group to any new Office 365 groups that we create. We have a lot of people that need to be group owners so to add everyone manually is going to take a lot of time. It's ridiculous.
Anyone have a constructive update on this?
I have dozens of crufty old AD groups that I need to turn into Teams now that we've migrated to 365. Do I really have to do all this work twice?
well, this is a surprise and a giant disappointment. how could they have not realized this was necessary and one of the most basic features for management? please put this at the top of your list.
Rick Westall commented
How has this STILL not been implemented? This missing feature makes many aspects of Streams and other new features un-useable, as we cannot manually update every O365 Group every time a member leaves, changes positions, or joins.
Jakob Nøtseth commented
Implementing for education, I see most already have and use Microsoft Identity Manager to create user objects and security groups in local AD from SIS and HR combined. Microsoft has come up with the SDS for creating O365 groups based on SIS alone. We need a better route to go from local security groups to O365 groups. Most practical would probably be to make it possible to manage from Microsoft Identity Manager / AAD Connect, and not use SDS. I rather not have duplicate groups, one security, one O365 with the same members. I suggest to exclude OU-s with class/enrollments security groups from AAD Connect, and then get a Azure AD Connector able to write O365 groups and education specific attributes in place of SDS in Microsoft Identity Manager.
Amazing this is not there.....O365 is such a pain to manage. This is such a basic feature that is missing. So much for best practices using security groups.
Use case: In my large company, I want all members of the Project Management team to have access to multiple teams - PM Community, Finance Hub, Portfolio Updates. When staff changes happen, manual updates are required to each Team individually. We are trying to achieve role-based access control - please help! Using attributes like Title or Department and dynamic groups is not flexible enough and open to risk of unauthorised access as these fields are driven from our HR system and get changed when position and position descriptions change.
'leverage existing group to drive membership' means what exactly...
If you aren't going to update this thread, and you aren't going to fix the Problem, get rid of Microsoft 365 Groups. These are a nightmare without real feedback and information from more recently than 15 months ago. Users are going crazy making groups all over the place, and you are leaving us admins to clean up their mess and explain why this 'feature' no one asked for is poorly implemented.
How about an update....
Eric Miller commented
Please fix this soon, it makes MS Streams unusable for us at this point.
Matt Farley commented
This is vital functionality for adoption of Teams as a core Enterprise tool. Managing access to private teams is already becoming a headache, reminiscent of the early SharePoint experience.
Richard Cooke commented
Why is this not available? Microsoft advice years ago was to use groups instead of individuals when granting access for easier administration. I set up groups for the various teams and roles in our organisation, I want to add new users to the team and role groups and be done. Not have to go hunting around every SharePoint site and Team to find out which ones a new user should access. Admin nightmare!