Unable to create groups from Active Directory with "Azure AD roles can be assigned" switched on?

Simon Hughes 76 Reputation points


Just goofing around, so there's probably a simple explanation, but I've just noticed that while logged into my own portal as global admin, I've gone into "Azure Active Directory -> Groups -> New" Group. Membership type is greyed out, but there is no switch option for "Azure AD roles can be assigned". Note that after creating a group I can view properties and see this switch, though disabled, and the switch can only be enabled during group creation.

Please advise if you spot something (obvious) I've overlooked, or is it not currently possible to create user-groups to manage user permissions efficiently in this manner?

I'll probably wind up kicking myself for missing something obvious, but we all have bad days :)

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,649 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Simon Hughes 76 Reputation points

    Doh - small oversight. Using personal / free acct, so comes with the free active directory. Needs a P1 (premium) AD license for that feature. I'll leave the post here anyhow in case anyone else comes across the issue and forgets the obvious :D

    2 people found this answer helpful.
    No comments