Forum Discussion
Solved
What's next for existing dynamic groups if there are no enough Entra P1 and we still need this group
We've noticed on 24' Sep. 9, Microsoft gave such heavy update. This update asks all dynamic group members to be https://learn.microsoft.com/en-us/entra/identity/users/groups-dynamic-membership. We ha...
- Well we always had the P1 requirement for Entra Dynamic groups, they simply did not enforce it in code until now. They still don't check individual users afaik, but you do need to have at least one P1 license in order to create a Dynamic group. And more if you want to be compliant with the licensing requirements.
Can you point me to that announcement/message post?
As for "converting" those groups, you can simply get the current membership list and use it as basis for creating another group. Something like this:
Get-MgGroupMember -GroupId blabla | % { New-MgGroupMemberByRef -GroupId NewGroupID -OdataId "https://graph.microsoft.com/v1.0/directoryObjects/$($_.Id)" }
As for "converting" those groups, you can simply get the current membership list and use it as basis for creating another group. Something like this:
Get-MgGroupMember -GroupId blabla | % { New-MgGroupMemberByRef -GroupId NewGroupID -OdataId "https://graph.microsoft.com/v1.0/directoryObjects/$($_.Id)" }
VasilMichev Thank you for your reply, this is one note area in the post, please see following snapshot. In July I had noticed something different when I created new groups with my powershell script, and it warned lack of license at that time, but simply I ignored that (because at that time, you can still create and add membership rule via UI, it just blocks you from setting rules with PS script). Until today, I found I can't create dynamic security groups, then I found this post.
The reason why I want to shift groups' type but create new, because some groups(M365 groups) are connected with Teams/SharePoint. These groups are department groups, we want to keep these critical groups. We want to mitigate effects as much as possible.
ā
- Well we always had the P1 requirement for Entra Dynamic groups, they simply did not enforce it in code until now. They still don't check individual users afaik, but you do need to have at least one P1 license in order to create a Dynamic group. And more if you want to be compliant with the licensing requirements.
