- last edited on
Wanting to move to Group base licensing; however, Azure AD having issues reading the membership from a MIM manage mail enable security group.
I have a MIM group with a mail nickname "GROUP_NAME" and the Dynamic Membership Rule ((user.accountEnabled -eq True) -and user.mailNickName -eq "GROUP_NAME"). It's been over a week and still no members.
This MIM mail enable security group has four levels of nested groups, this group sync to Azure using one version behind the lastest version of Azure AD Connect.
Question: Does a Azure AD Dynamic Group using Dynamic Membership Rule have an issue reading nested groups?
11-19-2018 06:52 AM
Your suspicion is correct - at this time, Azure AD group-based licensing does not support nested groups: Azure AD group-based licensing limitations and known issues
It looks like they are working on it as it is a requested change on User Voice, but never hurts to upvote to let them know you still care! :)