Why AdminA Can't access the options of Azure AD Group Users added in Administrative Unit?

Question

This is my Architecture of one of the requirement.

In Azure AD, I have done following:

1. Created 10 Users in which the users named as User A to H, Admin A to B.
2. Created 2 Groups (Logistics-grp, General-grp)
3. User C, D are added to Logistics-grp. User G, H are added to General-grp
4. Make Admin B as User Administrator in Assignments.
5. AD > Administrative Units > Add - Department A as Name, Admin A as User Administrator.
6. Added the User A, B, Logistics-Grp to the Administrative Unit. Here Admin B will have the permissions to the options "Edit Properties" and "Reset Password" of all users because of User Administrator role to entire directory.

and Admin A will have the permissions to the options of "edit properties" and "Reset Password" of the users A, B, (C & D are part of Logistics-grp) added to Administrative Unit.

But Admin A is unable to get the access to the options "edit properties", "reset password" of User C & D.

Why? Where I'm doing mistake?

Could anyone point me in right direction?

Answer 1

As mentioned in the documentation:

Adding a group to an administrative unit brings the group itself into the management scope of the administrative unit, but not the members of the group. In other words, an administrator scoped to the administrative unit can manage properties of the group, such as group name or membership, but they cannot manage properties of the users or devices within that group (unless those users and devices are separately added as members of the administrative unit).

Add the users directly if you want to be able to perform management actions against them.