![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 89%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGF%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
24,191 questions
This feature requires an Azure AD Premium P1 license or Intune for Education for each unique user that is a member of one or more dynamic groups. You don't have to assign licenses to users for them to be members of dynamic groups, but you must have the minimum number of licenses in the Azure AD organization to cover all such users. For example, if you had a total of 1,000 unique users in all dynamic groups in your organization, you would need at least 1,000 licenses for Azure AD Premium P1 to meet the license requirement. No license is required for devices that are members of a dynamic device group
Source: https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamic-membership
To create a dynamic Azure AD group for guests, you need to:
- Sign in to the Azure portal with an account that is the global administrator for your organization.
- Select Azure Active Directory > Groups > New group.
- Select Security as the group type and enter a name and description for the group.
- Change Membership type to Dynamic User and provide the rules that will be used to determine the group’s members. For example, you can use the rule (user.userType -eq "Guest") to include all guest users in the group.
- Click Create.
Let me know if it works by accepting the answer.