Forum Discussion

Robert Woods's avatar
Robert Woods
Steel Contributor
Dec 05, 2017

Azure AD Security Group - Can I mail enable the group?

Is there any way to mail enable an azure ad security group? This group is built in azure ad to take advantage of the robust Dynamic membership capabilities, and we would like to mail enable it, but not make it an office 365 group. We do not want it to have a sharepoint or planner or any of the other stuff that comes with an office 365 group. We just want the dynamic membership capabilities of the azure security group, as well as mail delivery to the group members. When creating the group it only gave us a slider that said enable office features yes/no and I chose no.

  • Nope, you cannot have it all. If you want it to stay dynamic and use it as security principal, it cannot be mail-enabled. If you scrap the dynamic part, you can create Mail-enabled security group in Exchange. If you can leave without the security part, create dynamic DG in Exchange.

  • Nope, you cannot have it all. If you want it to stay dynamic and use it as security principal, it cannot be mail-enabled. If you scrap the dynamic part, you can create Mail-enabled security group in Exchange. If you can leave without the security part, create dynamic DG in Exchange.

    • Kreera_House's avatar
      Kreera_House
      Steel Contributor

      VasilMichev Have there been any changes on mail-enabling dynamic Azure security groups? In our use case, we need dynamic mail-enabled groups to assign sensitivity labels and Exchange Dynamic Groups don't work for that and I don't want to create a Microsoft 365 Group with all of its trimmings.

    • Robert Woods's avatar
      Robert Woods
      Steel Contributor

      Thanks VasilMichev. That is what I suspected. When going with the Dynamic DG in Exchange Admin Center I only have a couple of options, Company, State, Department to choose from. Any way for me to use the Office Location instead without copying it to a custom attribute?

       

      • Robert Woods's avatar
        Robert Woods
        Steel Contributor

        Actually, I think I found the powershell commands.

         

        New-DynamicDistributionGroup -Name "#Test2" -RecipientFilter {(RecipientType -eq 'UserMailbox'
        ) -and (OFFICE -eq 'TEST OFFICE')}

Resources