How can we improve Azure Active Directory?

Enable support for dynamic mail-enabled security groups

Dynamic security groups are great, mail-enabled groups are great too wouldn't it be great to have both. We have a requirement to create security groups (or distribution groups) based on employee attributes (i.e. Active Full-time, Active Parttime, etc...). These attributes live in Azure AD but aren't accessible in Exchange Online so I cannot create a dynamic distribution group. I am able to create a mail-enabled security group but the membership cannot be dynamic. And any dynamic group I create can't be mail-enabled unless it's a unified group but for the purposes we need the groups for Unified groups aren't appropriate. All North America employees do not need to be a threaded group with planner and calendars. Please fix these gaps.

116 votes
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

Tre`Von McKay shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

Thank you for your feedback! We have heard you and are considering future implementation options. There is no timeline yet for implementation. If this feature matters to you, keep voting as it will help us prioritize.

21 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    This is really a problem. You only give us one tenant. We need to separate students and faculty/staff. both populations are changing all the time. For example students should not be able to book certain rooms - we need a dynamic, mail enabled universal security group to create the bookinpolicy

  • Jeán Hubbard commented  ·   ·  Flag as inappropriate

    Seriously, this really needs to be a thing. We have employees that move between departments a lot, many times still "filling in" for their old department until a replacement is hired.
    Managing "Groups" is also becoming confusing and a mess with everything creating Groups.

  • Shaun Kilmartin commented  ·   ·  Flag as inappropriate

    Please make this happen. I really was hoping that I could have dynamic Mail-Enabled Security Groups. It would make it way easier to manage departmental lists. Unfortunately, using a dynamic O365 group is overkill a lot of the time, and its impossible to make a Dynamic O365 group private, which is a huge security issue for us.

  • Ali Khalifah commented  ·   ·  Flag as inappropriate

    Dynamic group, wait you can't use it everywhere.... let's go back to the manual process by asinging one user every time. this may only take a couple of months.

  • Alan Gordon commented  ·   ·  Flag as inappropriate

    Main point to use dynamics groups is to reuse them for multiple purposes. It looks like there are still disconnections between products, this requires to be fixed.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Why isn't this already done? I cannot separate out hundreds of thousands of students from my corp email users within the same tenant. Veeam cannot backup anything but mail-enabled groups, of which dynamic groups are apparently not a part!

  • Nick commented  ·   ·  Flag as inappropriate

    Why does this even need to be a question??? It should have been a standard requirement.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Imagine I want a dynamic group for users with specific conditions.. maybe all that are new to the company are added to the "All Employees" group. Why then am I not allowed to email this group? It defeats the purpose of the group being dynamic

  • Alan commented  ·   ·  Flag as inappropriate

    The number of attribute options in Exchange are laughable. We absolutely need the flexibility of this group type to be mail-enabled! Either that or transfer the same options to dynamically scope security groups to the exchange groups. Must have!!

  • Dani Fischer commented  ·   ·  Flag as inappropriate

    Very important for AIP scoped policies on e.g. org units/groups. Very difficult to achieve otherwise (O3665 groups won't address all Needs)

  • Anders Olsson commented  ·   ·  Flag as inappropriate

    this lack of feature is still a blocker. I would strongly advice to prioritize this functionality

  • Joe Paul commented  ·   ·  Flag as inappropriate

    Please add this to your roadmap, since our Azure Information Protect rollout is dependent on this. We need to isolate users based on certain AD attributes, due to a great a mix of users that get onboarded in the organisation.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Why would you allow us to create security groups with dynamic membership, but not mail-enabled security groups with dynamic membership? This seems more like a bug/oversight than a missing feature?

  • KariV commented  ·   ·  Flag as inappropriate

    As much as I like the O365 groups, there're cases when just being able to make a mail enabled group with the AAD dynamic support would be the best solution. Usually these cases come with a very short requested delivery time, of course.

    The actual need is to be able to email groups of users based on more or less complex rules for AAD attributes and NOT have the end users get all kinds of messages that "you are now invited to this and that group".

  • Todd Bettis commented  ·   ·  Flag as inappropriate

    +1
    This would allow us to maintain dynamic groups in a single place and take advantage of attributes in our schema extension.

← Previous 1

Feedback and Knowledge Base