This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 49%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESH%3C/text%3E%3C/svg%3E)
Hi,
Just goofing around, so there's probably a simple explanation, but I've just noticed that while logged into my own portal as global admin, I've gone into "Azure Active Directory -> Groups -> New" Group. Membership type is greyed out, but there is no switch option for "Azure AD roles can be assigned". Note that after creating a group I can view properties and see this switch, though disabled, and the switch can only be enabled during group creation.
Please advise if you spot something (obvious) I've overlooked, or is it not currently possible to create user-groups to manage user permissions efficiently in this manner?
I'll probably wind up kicking myself for missing something obvious, but we all have bad days :)
Glad, @Simon Hughes , you found the answer. Can you please Accept your answer? This will help us and others in the community as well. Thanks.
Doh - small oversight. Using personal / free acct, so comes with the free active directory. Needs a P1 (premium) AD license for that feature. I'll leave the post here anyhow in case anyone else comes across the issue and forgets the obvious :D