Forum Discussion
Azure Dynamic Group query not working correctly
I have to say, the parsing is frighteningly untrustworthy and inconsistent for this kind of scenario. But while a couple of other iterations produced unexpected results, the following example worked.
Effectively, I brought the single group "and" criterion to the front and finished with the "or" criterion, which produces the correct resulting membership.
Cheers,
Lain
The latter, which in my example is:
Group003 -and (Group001 -or Group002)
Basically, I've removed the "-in" statement that held both groups and expanded it out to the fuller "-or" equivalent.
Using your example groups, and in text form, this reads like:
user.memberOf any (group.objectId in ["GroupC"]) and
(user.memberOf any (group.objectId eq "GroupA") or user.memberOf any (group.objectId eq "GroupB"))
Cheers,
Lain
Unfortunately, I've noticed another issue. The dynamic group contains any members of Group C, whether they exist in Groups A/B or not.
Here is my query:
user.memberof any (group.objectId in ["GroupCId"]) and (user.memberof any (group.objectId eq ["GroupAId"]) or user.memberof any (group.objectId eq ["GroupBId"]))
- Alright, I'll keep tinkering with it. Thank you Lain for all of your help on this.
I can't reproduce that particular outcome.
I created another new user and added them to my Group003 (analogous to your GroupC) but they correctly don't feature in the "parent" group, Foo.
Cheers,
Lain