Dynamic Groups: Member of group
Would be good to have the possibility to use membership in other groups as a condition in a dynamic group membership rule.
(user.objectId -memberOf group.objectId)
(user.objectId -notMemberOf group.ObjectId)
Use case 1 - Group Based Licensing.
If the user is member of a group that gives them a E5 license, don't let them be member of a group that gives them E3.
Use case 2 - Exceptions
All users should have a MDM policy applied, accept those of a specific group.
Thank you for your feedback! The feature team is aware of this suggestion and will keep it under consideration. There are technical challenges to overcome in order to make this happen. Please keep the votes coming if this feature matters to you.
Maria Monita Martin commented
Any Update from the Azure AD Team on this?
This is much needed.
This is much needed. Any workarounds?
Brindell, Aaron commented
This would add so much power to AD. It's so common to need groups that include multiple membership qualifiers, like say Department-Role-Project-ReadAccess. Being able to simply create groups for Department, Role, and Project, then manage them as appropriate would take a lot less work, and be much safer in terms of not forgetting to move people in/out.
I would love this feature please and thank you!
Vasquez, Matty commented
Please add this feature, we really need this to help replicate and consolidate memberships across O365 Groups, MS Teams and SharePoint Sites so staff are not having to be manually added to multiple Sites and Groups by different owners in different systems!
Any update on this?
Dan Smith commented
I could really use this right about now...
I need to create a dynamic group which consists of any users who are not presently members of another particular group.
Rob Hosler commented
I would make much more sense to have the dynamic group membership set by the membership of one or more other AD groups than to have a rule like (user.objectID -eq "S-1-1-11-...") Might as well just add the user(s) to the group manually. Most of the rule available would likely produce only one user or the entire directory.
I can't imagine a business case where I would want to maintain a set of dynamic rules like "I want any one with this mobile number to be a member of my group." or "I want every 'Mike' in the company in this group"
couldn't believe this is not available right now. please push.
Eric Wilborn commented
Yes please. I have an end user that curates a leadership team group in O365 and then another end user that curates the same leadership list for on-prem SharePoint. This would reduce the workload and keep them in sync.
Much needed feature
We need this!
+1. need this.
This would make licensemanagement so much easier.
We are getting our accounts as an import in our AD on premises.
from there they are imported in Azure by AAD-connect.
It would be so nice to make the groups (made by the import in AD on premises) the source for our license groups in Azure.
+1 for Ritesh. Can we get an update from the AAD Team at Microsoft given the nearly year old previous response?
Ritesh Mathoera commented
This would be very, very, helpfull in licensemanagement.
Jake Thomas commented
This would be amazing for our Intune deployment process.
Here's an example:
80% of users in our organization get Office 365 with all core apps except Access, Groove, and Publisher. We deploy this to them based on whether or not they have an Office E3 license.
An additional 5% of our users have Project or Visio. Being licensed could put them in a group to get Visio or Project automatically assigned and deployed.
Brian Forquer commented
This would be fantastic functionality, can't wait!
Ulrik Skadhauge Jensen commented
Is this on the roadmap for this year