Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

How can we improve Azure Active Directory?

← Azure Active Directory

Enable support for dynamic mail-enabled security groups

Dynamic security groups are great, mail-enabled groups are great too wouldn't it be great to have both. We have a requirement to create security groups (or distribution groups) based on employee attributes (i.e. Active Full-time, Active Parttime, etc...). These attributes live in Azure AD but aren't accessible in Exchange Online so I cannot create a dynamic distribution group. I am able to create a mail-enabled security group but the membership cannot be dynamic. And any dynamic group I create can't be mail-enabled unless it's a unified group but for the purposes we need the groups for Unified groups aren't appropriate. All North America employees do not need to be a threaded group with planner and calendars. Please fix these gaps.

427 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

McKay, TreVon shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
unplanned  ·  Azure AD Team responded  · 

Thank you for your feedback! We have heard you and are considering future implementation options. There is no timeline yet for implementation. If this feature matters to you, keep voting as it will help us prioritize.

57 comments

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Phil Maynard commented  ·   ·  Flag as inappropriate

    Please enable these feature! We're needing to create two dynamics groups, one in Exchange and one in Azure AD. It would make so much more sense if it could be the same group that was used across the platform. This would also really help end users who expect to be able to use dynamic distribution lists for audience targeting in SharePoint.

  • Anonymous commented  ·   ·  Flag as inappropriate

    We need this too. We synchronize local AD Accounts from different ADs to Azure AD with custome Attributes to build then our Org Distribution Groups. These custome Attributes are not available in Exchange Online so that we have to create Dynamic Groups based on Azure Dynamic Groups. But yes unfortunately there are no mail enabled dynamic groups allowed in Azure AD

  • Mike Brown commented  ·   ·  Flag as inappropriate

    In Power BI, when adding user groups to use a data source on a gateway, Microsoft requires the use of an email address or mail-enabled security group, but does not support the creation of mail-enabled security groups in Azure AD. Please, please, please provide this functionality! Our current work-around is to create an on-prem group and mail enable that group via Exchange's on-prem admin console and then sync the group up to Azure AD. What solution do you have for cloud based mail-enabled security groups for Power BI Data Sources?

  • Seng Ung commented  ·   ·  Flag as inappropriate

    We have people sending email to dynamic distribution groups and adding encryption or sensitivity labels. Permission is not granted since these lists does not apply security permissions. I just hope mail-enabled dynamic security group would help solve this.

  • Ian Caldwell commented  ·   ·  Flag as inappropriate

    Options to control group membership must be consistent across Office, Distribution and Security groups. Managing a fixed group of people so they can have SharePoint access, a Team, and receive emails - not a nice experience to manage three different groups, and not even have dynamic as an option for the mail-enabled security.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Can't believe this hasn't been implemented. This is why people are scared of Azure AD.

  • john commented  ·   ·  Flag as inappropriate

    I proposed this concept for our on Prem SharePoint, only to find it doesn't work? Please help me look good and make it a reality:-)

  • Hidenori Takahashi commented  ·   ·  Flag as inappropriate

    I really need this right now to give access permissions in apps and send group mail. We purely want "Dynamic mail-enabled security group".

    Now we have 2 ways for substitute. First is to create static mail-enabled security group and combine with batch program, but it's much tougher than creating dynamic security group. Second is to use Office365 group, but this will have unnecessary apps. Anyway, both way is nonsense.
    If Microsoft implements "Dynamic mail-enabled security group", I'm sure it makes our business easy.

  • Jennifer L. Newmark commented  ·   ·  Flag as inappropriate

    It's very disappointing that it took more than A YEAR for Microsoft to respond to this, and 2 1/2 years later it's STILL a problem. Pretty much any business over 50 or 100 people needs this functionality.

    Come on, Microsoft! With COVID-19 changing the way the world works, this functionality is needed more than ever!

  • David Mowers commented  ·   ·  Flag as inappropriate

    Not having this functionality is making a hash out of our security policies and complete disconnect between things like DLP and other security policies. It's odd this one is taking so long. Seems like it should be pretty simple.

← Previous 1 3

Azure Active Directory: Groups/Dynamic groups

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice