Feb 03 2023 04:22 AM
I recently created my first dynamic 365 group in Azure. Defined the membership rules, then set up an MS Team based on the group. Confirmed in Teams that the membership was as I'd expect. Went back to Azure and added a new criterion to the dynamic membership rules. Confirmed that this was reflected correctly in Teams. All good so far. I now need to change the dynamic membership rules again, but I'm denied access! I can't view the current rules or edit them. The error message says "No access", "Resource ID - not available", and "Error code 403". One of my colleagues with full admin rights has tried to create a new dynamic 365 group and is unable to. Any ideas what's going on?? How do we troubleshoot this?
Feb 04 2023 09:41 PM - edited Feb 06 2023 06:36 AM
This error message is indicating that the current user does not have the required permissions to access the Azure AD dynamic group. To troubleshoot this, check if the user has been assigned the correct role in Azure AD. Make sure the user has at least the "Global administrator" role or the "Cloud device administrator" role.
If the user still doesn't have the necessary permissions, check if there are any Azure AD policy restrictions in place that could be blocking access. You can do this by navigating to the Azure AD portal, going to the "Azure Active Directory" section, policies in place that might be blocking the ability to edit the dynamic group rules.
Feb 05 2023 04:45 PM
Seems related to permission issue, please check your IAM assignment
Feb 06 2023 06:09 AM
Feb 06 2023 06:17 AM
Feb 06 2023 06:35 AM - edited Feb 06 2023 06:39 AM
Try using a different account with administrative permissions to see if that resolves the issue or
Ensure that the Azure Active Directory service is functioning correctly and there are no known outages affecting the service.
Feb 06 2023 06:37 AM
Feb 06 2023 06:41 AM
Dynamic group memberships have not been updated due to system delays. We’re working to resolve the issue.