Add security groups to Office 365 groups
I need a way of making security groups part of an Office 365 group. I want to be able to add users to a security group and then they are automatically a member of a Office 365 group.
Dynamic group membership only appears to work for user attribute values and not their group membership.
Hi! As we announced during Ignite this year, we are releasing an open source tool by the end of the year that can be used to pull in one or more security groups (nested or not) into the membership of large Microsoft 365 Groups. The membership will be pulled in as a flat list and kept in sync with the security group membership. Having Azure subscriptions is a pre-requisite to using this tool. The successful deployment would require support from personnel that have experience in building, deploying and managing Azure services, so you can get through the installation smoothly. If you have an urgent and immediate need for the tool, please reach out to GMMSupport@service.microsoft.com for a download link. Microsoft is releasing the tool without support, other than answering questions about how we use it internally.
J D commented
please inform us about a road map when this URGENTLY needed Feature will be rolled out. Impossible to work with Team without that!
Michael Seddon commented
Where does this sit on the roadmap please?
thomas segato commented
"Further proof that nobody who works at Microsoft today has any concept of real-world IT..."
DO you couldn't be more wrong. I work for Microsoft as a consultant and are at customers every day. Believe me when I say I know the need for this in the enterprise. It's close to impossible to administer the platform without.
Hans Vis (@Cavero) commented
That's great that it's in the plans!
Tim de Jong commented
Mark Burland commented
The easy fix here is to make AAD Premium go away and fold those key features into Core Office 365.
Our management want to use 'teams' in our organisation (+ 1000 users) but missing active directory integration is a huge drawback to roll out Teams !
Pieterjan H. commented
We're trying to use Stream, but without our security groups available, which are well curated, we need a way to either use security groups in Stream, or automatically sync/merge the security groups into Office365 groups.
Peter Leahy commented
We're busy implementing SharePoint Online and Office 365 this seems a silly thing to be missing, you can add a group to a SharePoint group but not a 365 group.
We have a nice role based permission model in our AD that would fit perfectly into the groups but we can't use it.
Jiří Schimmer commented
I guess we all agreed that enterprise really needs this feature, now some response from MS would be nice - there are ideas with less votes and there is a comment.
Chad Heidorn commented
We need to be able to add security groups as group owners so we can more effectively manage these groups. Office 365 groups need to be available so they can be added to security groups. We can't create and manage duplicate groups for every Office 365 group.
I can't understand why this get forgotten by design. Since local Security groups are still needed this is an urgent need because no organsiation wants to handle user and groups twice.
Daniel Schnyder commented
Top issue in our customer projects. Yes please, we need nesting of AD groups in Office 365 Groups
Daniel W commented
This is sorely needed!
Please implement this feature as we cannot have a scalable employee onboarding process otherwise.
Reinier van Schaik commented
A company migrate normal from an existing AD, by ADFS, to Office 365. Therefore it's important to use security group membership to Office 365 (Teams/SharePoint).
All one place of organisation
This is really so import for every organisation, which has many changes in their organisationstructure. In our case we have 4 times a year a big change in out HR structure resulting in a mess of changing group permissions. It would be so much easier with security groups.
Wade Baugher commented
This issue seriously undermines the usability of the entire Teams/SPO integration.
The whole group thing is a mess and I would perceive that MS is using this to drive companies to the Cloud and away from on-prem.
The real problems are the lack of interoperability, the lack of nested group support and how GPOs are applied and leveraged.
MS has created User Group Entities in MS Teams that can 1way sync to Office 365 group entities that are populated in AzureAD but cannot be linked to the AzureAD on-prem groups that are synced.
This screams of a Development group that does not understand the functionality or power of the core components that made Active Directory Successful. I believe that this is evident by the lack of Nesting Support.
I agree this is a real must have for many larger companies. We need both of them. Flexible and dynamic teams where a projectleader manages the members can be done from the Office 365 Group. And we need more static teams (departments) to be managed centrally from AAD or Active Directory on-prem using security groups.
I'm working with a company with +3000 low tech users world wide. They've invested tons of hours on AD Security Groups using their HR system as a master data. Implementing Microsoft Teams is not an option as long as AADConnect/AAD lack this capability. Any timeframe when this is going to happen?