Home

Use AD security group as o365 distribution group

Cade Michaels
Occasional Visitor
O365 question.

We have our on premise Active Directory setup to Sync with O365. In active directory I have a security group named "Quickbooks Users" which gives those users access to the quickbooks files. I would like to setup a distribution group that is dynamic to the security group so I do not have to maintain 2 different groups. Any suggestions on the best way to accomplish this? I don't even see AD security groups in Exchange to convert them to Mail Enabled security groups and I do not see a way to create a dynamic group based on another group.
3 Replies
Try this:
Use the Enable-DistributionGroup cmdlet to mail-enable existing universal security groups and universal distribution groups that aren't already mail-enabled.
ref: https://docs.microsoft.com/en-us/powershell/module/exchange/users-and-groups/enable-distributiongrou...
The Command would be: Enable-DistributionGroup -Identity "Your Security Group"
Once you sync this group I would assume that it would be a Mail enabled security group in Office 365. This would thus dynamically change based on what you do OnPrem, and could also be used to send emails to.

I've found that just adding an email address to a security group in on-prem AD changes the group to an email-enabled security group in O365. This should work if you don't already have an O365 distribution list with the same email address.

 

I haven't been game to try and convert existing O365 distribution lists to mail-enabled security groups in AD yet. I'm sure it's as easy as deleting the O365 group and adding the email address to the AD security group.

Yeah, this should be correct! Mail anable the groups and sync! Make sure the mail attribute and proxyaddresses is populated with the mail address

Adam