Azure AD Group Management Restrictions

Danny Kitchen 21 Reputation points
2023-01-19T15:06:24.11+00:00

Has anyone found a way to restrict access to an azure AD group

Background - On Prem with AAD Sync

Creating an Azure Group for security purposes, but a requirement to control who can manage adding/removing users to the group.

Is this possible to restrict a group management permissions to say another group

Equivalent of ACL on prem AD

Many thanks in advance

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,610 questions
No comments
{count} votes

Accepted answer
  1. Vasil Michev 61,741 Reputation points Microsoft MVP
    2023-01-19T15:22:18.2633333+00:00

    Security groups by default can only be managed by admins. For other group types, you have the relevant controls to prevent creation and membership changes.

    If you want to further restrict admin access, consider using Administrative units, and take a look at the role-assignable groups functionality.

    You can add more details on the planned use cases and group type needed, if the above does not suit your needs.

    No comments

1 additional answer

Sort by: Most helpful
  1. Danny Kitchen 21 Reputation points
    2023-01-20T07:59:45.2666667+00:00

    Thankyou for this
    Believe that is what i am after

    No comments