Forum Discussion
Add Dynamic Distribution List in O365 Security Group
Hello Everyone,
Can we add a Dynamic Distribution List into O365 Security Group?
Thanks & Regards,
Bhanu
As this article shows
- You can have dynamic security groups
- You can have dynamic office 365 groups
You set these in Azure AD. You cannot add a dynamic distribution list to an existing security group.
This should answer the question you originally had.
These will help you create such a group based upon dynamic rules
https://docs.microsoft.com/en-gb/azure/active-directory/users-groups-roles/groups-create-rule
https://docs.microsoft.com/en-gb/azure/active-directory/users-groups-roles/groups-dynamic-membership
I do not think you would need to enable external sharing on SP site collection to give permissions directly to DDL - this is for users outside of the organisation.
Best, Chris
4 Replies
Thanks ChrisHoardMVP and VasilMichev for your quick help.
Yes, My requirement is to dynamically evaluate members and give authorization for users to access from O365 Group.
So, To summarize - I cannot add DDL into O365 Security Group. But, I can create a Group in AAD based on dynamic rules similar to DDL. And Use this AAD Group directly in SP permissions mapping. Am i right?
Also, on the other hand - Do i need to mandatorily enable external sharing on SP site collection to give permissions directly to DDL?
Thanks & Regards,
Bhanu
As this article shows
- You can have dynamic security groups
- You can have dynamic office 365 groups
You set these in Azure AD. You cannot add a dynamic distribution list to an existing security group.
This should answer the question you originally had.
These will help you create such a group based upon dynamic rules
https://docs.microsoft.com/en-gb/azure/active-directory/users-groups-roles/groups-create-rule
https://docs.microsoft.com/en-gb/azure/active-directory/users-groups-roles/groups-dynamic-membership
I do not think you would need to enable external sharing on SP site collection to give permissions directly to DDL - this is for users outside of the organisation.
Best, Chris
No, you cannot, as DDLs are not recognized by AAD, thus there is no matching object to add to the security group. You can add them as members to any group Exchange recognizes though, including mail-enabled security groups.
- Hi Bhanu,
Believe what you are looking for security groups with dynamic membership. These can be created in Azure.
https://docs.microsoft.com/en-gb/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal#how-can-i-create-a-simple-rule-to-manage-members-of-a-group-dynamically
This Community article should be able to help
https://techcommunity.microsoft.com/t5/Office-365-Groups/Dynamic-Office-365-groups/td-p/5937
I believe you need Azure AD Premium P1 to create these out of the box
Hope that helps
Best, Chris
