Forum Discussion
How to manage O365 Group membership through AD Security Groups and/or nested O365 Groups?
I've read some other posts about this issue and there seems to be a core misconseption from MS of how larger organizations utilize Security Groups (Yes, they still have a purpose). If Microsoft's mindest is 365 groups being used in the cloud for a small organization, there is no reason for linking to security groups. But larger organizations need security groups on prem, and as other posters have mentioned, there are likely to be many 365 groups with the same members. Let's pretend we have a group called "accounts_payable". The group has access to ERP system assets, File servers (yes, not all files moved to SP yet), BI systems and then a 365 group is created for their team. Then a few other 365 groups are created for projects for that team. Now we're managing users in multiple groups that all should have the same membership? This type of mindset simply doesn't work at the enterprise level. I keep seeing examples like this that make me wonder if 365 is designed for cloud only Small Businesses.
Does anyone have suggestions or examples on how they're managing and tracking their security + 365 groups? A spreadsheet? The thought makes me nauseous.
- Vikas AggarwalJul 20, 2017Copper Contributor
Share you concern.
I am not sure what's your definition of Enterprise. We are a 60 people company and need the nested membership feature as desparately as you do. Hoping to see something sooner than later.
- Forrest_HJun 13, 2018Steel ContributorYou may find this amusing. We actually have a List on SharePoint that is a manually edited list which contains entries from the Office 365 Admin UI and the ECP so that people that are not Admins can see the groups and the members. Whenever we make a change to either one we have to update the others. Takes too much time when we hire new staff (or staff leave) that is in multiple DL, Shared Mailbox, or Security groups. Now we have to deal with O365 groups?