cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Home

Azure AD Security Group - Can I mail enable the group?

%3CLINGO-SUB%20id%3D%22lingo-sub-134353%22%20slang%3D%22en-US%22%3EAzure%20AD%20Security%20Group%20-%20Can%20I%20mail%20enable%20the%20group%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-134353%22%20slang%3D%22en-US%22%3E%3CP%3EIs%20there%20any%20way%20to%20mail%20enable%20an%20azure%20ad%20security%20group%3F%20This%20group%20is%20built%20in%20azure%20ad%20to%20take%20advantage%20of%20the%20robust%20Dynamic%20membership%20capabilities%2C%20and%20we%20would%20like%20to%20mail%20enable%20it%2C%20but%20not%20make%20it%20an%20office%20365%20group.%20We%20do%20not%20want%20it%20to%20have%20a%20sharepoint%20or%20planner%20or%20any%20of%20the%20other%20stuff%20that%20comes%20with%20an%20office%20365%20group.%20We%20just%20want%20the%20dynamic%20membership%20capabilities%20of%20the%20azure%20security%20group%2C%20as%20well%20as%20mail%20delivery%20to%20the%20group%20members.%20When%20creating%20the%20group%20it%20only%20gave%20us%20a%20slider%20that%20said%20enable%20office%20features%20yes%2Fno%20and%20I%20chose%20no.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-134353%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EGroups%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-150762%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20Security%20Group%20-%20Can%20I%20mail%20enable%20the%20group%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-150762%22%20slang%3D%22en-US%22%3E%3CP%3EYes%2C%20this%20will%20be%20working.%20You%20can%20use%20OPATH%20filter%20in%20the%20-Recipientfilter.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-134509%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20Security%20Group%20-%20Can%20I%20mail%20enable%20the%20group%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-134509%22%20slang%3D%22en-US%22%3E%3CP%3EYup%2C%20as%20usual%20the%20UI%20only%20exposes%20some%20options%2C%20if%20you%20want%20better%20granularity%20you%20have%20to%20use%20PowerShell.%20Office%2C%20department%2C%20%22domain%22%20even%20can%20all%20be%20used%20to%20create%20DDG.%20The%20problem%20with%20those%20however%20is%20that%20you%20cannot%20use%20them%20to%20delegate%20permissions%20-%20they%20are%20not%20a%20security%20principal.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-134397%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20Security%20Group%20-%20Can%20I%20mail%20enable%20the%20group%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-134397%22%20slang%3D%22en-US%22%3E%3CP%3EActually%2C%20I%20think%20I%20found%20the%20powershell%20commands.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ENew-DynamicDistributionGroup%20-Name%20%22%23Test2%22%20-RecipientFilter%20%7B(RecipientType%20-eq%20'UserMailbox'%3CBR%20%2F%3E)%20-and%20(OFFICE%20-eq%20'TEST%20OFFICE')%7D%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-134392%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20Security%20Group%20-%20Can%20I%20mail%20enable%20the%20group%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-134392%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F58%22%20target%3D%22_blank%22%3E%40Vasil%20Michev%3C%2FA%3E.%20That%20is%20what%20I%20suspected.%20When%20going%20with%20the%20Dynamic%20DG%20in%20Exchange%20Admin%20Center%20I%20only%20have%20a%20couple%20of%20options%2C%20Company%2C%20State%2C%20Department%20to%20choose%20from.%20Any%20way%20for%20me%20to%20use%20the%20Office%20Location%20instead%20without%20copying%20it%20to%20a%20custom%20attribute%3F%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20739px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F25146iBFCF3B0E61A7C9CA%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22dynamicOptions.PNG%22%20title%3D%22dynamicOptions.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-134382%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20Security%20Group%20-%20Can%20I%20mail%20enable%20the%20group%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-134382%22%20slang%3D%22en-US%22%3E%3CP%3ENope%2C%20you%20cannot%20have%20it%20all.%20If%20you%20want%20it%20to%20stay%20dynamic%20and%20use%20it%20as%20security%20principal%2C%20it%20cannot%20be%20mail-enabled.%20If%20you%20scrap%20the%20dynamic%20part%2C%20you%20can%20create%20Mail-enabled%20security%20group%20in%20Exchange.%20If%20you%20can%20leave%20without%20the%20security%20part%2C%20create%20dynamic%20DG%20in%20Exchange.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Robert Woods
Robert Woods
Super Contributor

‎12-05-2017 10:52 AM

‎12-05-2017 10:52 AM

Azure AD Security Group - Can I mail enable the group?

Is there any way to mail enable an azure ad security group? This group is built in azure ad to take advantage of the robust Dynamic membership capabilities, and we would like to mail enable it, but not make it an office 365 group. We do not want it to have a sharepoint or planner or any of the other stuff that comes with an office 365 group. We just want the dynamic membership capabilities of the azure security group, as well as mail delivery to the group members. When creating the group it only gave us a slider that said enable office features yes/no and I chose no.

Labels:
11.7K Views
0 Likes
5 Replies
Reply
5 Replies
Vasil Michev

‎12-05-2017 11:39 AM

‎12-05-2017 11:39 AM

Solution

Re: Azure AD Security Group - Can I mail enable the group?

Nope, you cannot have it all. If you want it to stay dynamic and use it as security principal, it cannot be mail-enabled. If you scrap the dynamic part, you can create Mail-enabled security group in Exchange. If you can leave without the security part, create dynamic DG in Exchange.

Best Response confirmed by Robert Woods (Super Contributor)
1 Like
Reply
Robert Woods

‎12-05-2017 11:46 AM - edited ‎12-05-2017 11:46 AM

‎12-05-2017 11:46 AM - edited ‎12-05-2017 11:46 AM

Re: Azure AD Security Group - Can I mail enable the group?

Thanks @Vasil Michev. That is what I suspected. When going with the Dynamic DG in Exchange Admin Center I only have a couple of options, Company, State, Department to choose from. Any way for me to use the Office Location instead without copying it to a custom attribute?

 

dynamicOptions.PNG

0 Likes
Reply
Robert Woods

‎12-05-2017 12:02 PM

‎12-05-2017 12:02 PM

Re: Azure AD Security Group - Can I mail enable the group?

Actually, I think I found the powershell commands.

 

New-DynamicDistributionGroup -Name "#Test2" -RecipientFilter {(RecipientType -eq 'UserMailbox'
) -and (OFFICE -eq 'TEST OFFICE')}

2 Likes
Reply
Vasil Michev

‎12-05-2017 11:00 PM

‎12-05-2017 11:00 PM

Re: Azure AD Security Group - Can I mail enable the group?

Yup, as usual the UI only exposes some options, if you want better granularity you have to use PowerShell. Office, department, "domain" even can all be used to create DDG. The problem with those however is that you cannot use them to delegate permissions - they are not a security principal.

1 Like
Reply
Róbert Formódi

‎01-31-2018 05:59 AM - edited ‎01-31-2018 06:00 AM

‎01-31-2018 05:59 AM - edited ‎01-31-2018 06:00 AM

Re: Azure AD Security Group - Can I mail enable the group?

Yes, this will be working. You can use OPATH filter in the -Recipientfilter.

0 Likes
Reply
Related Conversations
Tabs and Dark Mode
 cjc2112 in Discussions on 09-18-2019
46 Replies
Extentions Synchronization
 Deleted in Discussions on 11-13-2019
3 Replies
Stable version of Edge insider browser
 HotCakeX in Discussions on 10-12-2019
35 Replies
How to Prevent Teams from Auto-Launch
 chenrylee in Microsoft Teams on 06-27-2019
30 Replies
flashing a white screen while open new tab
 Deleted in Discussions on 10-05-2019
14 Replies
Security Community Webinars
 Valon_Kolica in Security, Privacy & Compliance on 10-22-2019
13 Replies