I'm thrilled to announce major enhancements to group writeback are in public preview! Use Azure AD Connect to write cloud groups, including security groups, back to your on-premises Active Directory. With this preview, you can manage access to on-premises resources with groups that are managed in the cloud.
Today, you can write M365 groups back to their on-premises Active Directory as universal distribution groups. With this public preview, we’ve expanded what groups can be written back, added the ability to manage groups for writeback in MS Graph and the Azure Admin Portal, and added a feature in Azure AD Connect to make it easier to find your groups on-prem.
M365 group enhancements
- You'll now be able to write your M365 groups back to on-premises Active Directory as either a universal Distribution Group, Security Group, or Mail-Enabled Security Group using PowerShell, MS Graph, or the Azure Admin Portal.
- You can set a tenant-wide setting to automatically write back newly created M365 groups using MS Graph.
New group writeback features
- You can now also configure writing Azure AD Security Groups back to on-premises Active Directory as a universal Security Group using PowerShell, MS Graph, or the Microsoft Entra admin center.
- When configuring group writeback in Azure AD Connect, you have the option to swap the common name of the on-prem distinguished name to be the cloud group’s display name, making it easier to identify what groups are being written back from Azure AD.
- You can manage what groups you’d like to write back to Active Directory using MS Graph Explorer and the Microsoft Entra admin center.
Learn more about Microsoft identity:
- Related Articles: group resource type - Microsoft Graph beta | Microsoft Docs Azure AD Connect: Group writeback V1 - Microsoft Entra | Microsoft Docs
- Return to the Azure Active Directory Identity blog home
- Join the conversation on Twitter and LinkedIn
- Share product suggestions on the Azure Feedback Forum
Updated Jun 28, 2022
Version 1.0
KristinaHotz
Microsoft
Microsoft
