Forum Discussion
Dynamic group membership rules stopped working
We've been using the following the following dynamic membership rule to check if a user is a member of another group: user.memberOf -any (group.objectId -in ['2b930be6-f46a-4a70-b1b5-3e4e0c483fbf...
- Avoid the use of the https://learn.microsoft.com/en-us/entra/identity/users/groups-dynamic-rule-member-of operator if possible. It's currently in preview, and it comes with bugs and limitations. It can also introduce more complexity, particularly if a tenant has a large number of groups or frequent updates. The recommendation is to delete existing memberOf groups in your tenant.
From <https://learn.microsoft.com/en-us/entra/identity/users/manage-dynamic-group#optimizing-rule-efficiency>
I don't think this feature will make it out of preview -- I could be wrong