Share via

Sharepoints and Distros Azure AD Groups

Flavia 240 Reputation points
2023-07-06T17:14:38.5233333+00:00

I created a security group in Azure Ad and added several application and the M365 license to onboard users faster. The only problem is that I can not add Teams channels that show as Azure AD Microsoft groups or neither SharePoints showing as Azure AD groups, neither I can add distribution list showing as Azure AD groups to the onboarding group. Is there a way or a PowerShell script to add those groups inside another group in Azure AD regardless of being a security group or a Microsoft group?

Microsoft 365 and Office | Install, redeem, activate | For business | Windows
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,976 questions
Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Harpreet Singh Matharoo 8,401 Reputation points Microsoft Employee Moderator
    2023-07-07T10:04:40.2033333+00:00

    Hello @Flavia

    Thank you for reaching out. There is limited support for nested groups within Azure AD. Per the following doc (Service limits and restrictions - Azure Active Directory | Microsoft Docs), nested groups are only supported in certain scenarios. I've posted an excerpt from the doc below:

    At this time, the following scenarios are supported with nested groups:

    • One group can be added as a member of another group, and you can achieve group nesting.
    • Group membership claims. When an app is configured to receive group membership claims in the token, nested groups in which the signed-in user is a member are included.
    • Conditional access (when a conditional access policy has a group scope).
    • Restricting access to self-serve password reset.
    • Restricting which users can do Azure AD Join and device registration.

    The following scenarios are not supported with nested groups:

    • App role assignment, for both access and provisioning. Assigning groups to an app is supported, but any groups nested within the directly assigned group won't have access.
    • Group-based licensing (assigning a license automatically to all members of a group).
    • Microsoft 365 Groups.

    I hope this helps to resolve your query. Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

  2. Flavia 240 Reputation points
    2023-07-11T16:16:58.05+00:00

    If I created a Microsoft Group, would that nest distros, sharepoints and teams channels? Is there any other option you know to assign a user to these without going one by one and adding the users?

    0 comments
  3. Azar 29,520 Reputation points MVP Volunteer Moderator
    2023-07-11T16:26:45.9033333+00:00

    Hi Flavia

    Alternatively, you can also utilize Azure Active Directory (Azure AD) security groups to assign users to these resources. Azure AD security groups allow you to define a group once and then add or remove members as needed. You can then assign these security groups to the desired resources, such as SharePoint sites or Teams channels. This provides a more efficient way to manage user access, especially when dealing with a large number of users or when user memberships frequently change.

    By leveraging either Microsoft Groups or Azure AD security groups, you can streamline the process of assigning users to distros, SharePoint sites, and Teams channels, eliminating the need to add users individually to each component. This saves time and helps maintain consistent access control for your resources.

    If this answer helps kindly accept it

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.