Dynamic Groups: Member of group
Would be good to have the possibility to use membership in other groups as a condition in a dynamic group membership rule.
(user.objectId -memberOf group.objectId)
(user.objectId -notMemberOf group.ObjectId)
Use case 1 - Group Based Licensing.
If the user is member of a group that gives them a E5 license, don't let them be member of a group that gives them E3.
Use case 2 - Exceptions
All users should have a MDM policy applied, accept those of a specific group.
Thank you for your feedback! The feature team is aware of this suggestion and will keep it under consideration. There are technical challenges to overcome in order to make this happen. Please keep the votes coming if this feature matters to you.
As group based licensing (GBL) and MS Dynamics cant work with nested groups (big oversight) then the need for memberof as an attribute is a must have
This far from nice to have as people move away from syncing on premises groups
This is also needed from a different stand point, e.g. in Intune when there's no exclude options for groups (which is the current experience for PowerShell Scripts).
Bruce Ford commented
Consider both users and devices for memberof.
The feature team will start the design and analyze technical complexity to come up with a timeline to enable memberOf attribute to construct Dynamic groups.
Wilkinson, Greg commented
There is a workaround for OP's specific use case. You can query the user's assigned plan this way:
(user.assignedPlans -any (assignedPlan.service -eq "MicrosoftOffice" and assignedPlan.capabilityStatus -eq "Enabled"))
I used this powershell script for help with the license names:
I still need to be able to query group memberships for a different reason, which is why I'm here.
We all need this feature, please Microsoft give it some love :)
Wallace Henderson commented
This would be very useful.
Jordan Mills commented
This is really necessary for group licensing using dynamic groups.
Martin Wälter commented
Since 365 group do not sync with AAD, and Teams works with Dynamic 365 groups, "member of" is definitely needed to be available in the 365 Dynamic groups criteria. My security groups are managed by MIM on prem and we have no more free users Attributes...
I would love to see this working.
Phil worrell commented
Definitely a need. As we have managed Security groups in MIM already that are used for on premises functions, but we need to maintain a separate Office 365 group of the same membership or combined with another group to work in Teams.
At moment it is a blocker as I don't have a way other than manually to keep these in sync. We don't need the overhead of trying to duplicate rules on Prem and in the Cloud.
Sidiropoulos Georgios commented
This would help out a lot of organizations trying to automate Teams membership. Please look into this again.
This is needed for sure!
The lack of this functionality brought our Teams deployment to a complete halt. How the heck does anyone manage Teams with the incredibly long list of crippling gaps and quirks.
Please, we need this...
Under review since 2018 :(
Erick Mercado commented
This would make license administration so much easier
Please implement this feature
Yes please, implement this feature please. We need dirty workaround to overcome this :(