How to manage O365 Group membership through AD Security Groups and/or nested O365 Groups?


I have two issues concerning management of membership in Groups:

1. In the Outlook Widget, I see that I can add another O365 Group as a member in an O365 Group. But what does it mean? It seems like I am then adding the individual members from the other groups as members, not the Group as such? Or is the meaning of this that I should be able to manage individuals for instance in a "mother" group, and then add the group itself to another group as a nested group? Why don´t I then see the group in the membership list?

2. Security Groups and mail-enabled security groups seems to be a better way to manage a company or department team on a regular basis. But it does not seem that I am able to add an AD Security Group as a member in an Office 365 Group. Am I missing something, and/or is this on the roadmap?

41 Replies

Hey all... we've just added a solution in our product that allows you to associate an O365 Group with one or more AD Security groups and have membership synced daily. PM me if you want more info on the approach we used as I don't want to market all over this thread.

@Eric_H,

 

Share your concern.

 

I am not sure what's your definition of Enterprise. We are a 60 people company and need the nested membership feature as desperately as you do. Hoping to see something sooner than later.

we don't have any update to share at this stage. FYI @Mike McLean (OFFICE)

I also want to add my vote for this feature we really need it.

Just wanted to add our request for this.

 

Not being able to use our existing AD groups to maintain SPO membership for site is terrible.

 

60,000 users that have existing AD security groups for business units already, is not something I want to have to replicate or update in 2 locations.

 

Cheers

I can't say enough how much this is required.  It kills me that I have to create the same business unit groups in both On-Prem and Office 365 groups, it just makes no sense.

 

I can only assume it is a plan to get people to upgrade to Azure AD Premium, which is terribly overpriced.

 

Please get this figured out, it is preventing us from moving forward with using our SharePoint investment.

Did you see that Group Writeback is in preview for Azure AD Connect?  I have not tested it yet, but based on comments it still needs improvement.

https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-feature-...

I too would like to add to this. An absolute pain in adding members .

 

Absolutely nothing available for Hybrid setups. Having to replicate everything in two places is just ridiculous.

I too would like to add to this. An absolute pain in adding members .

 

No simple PowerShell available for Hybrid setups. Having to replicate everything in two places is just ridiculous.

Technically there's nothing that can't be done, but MS nudges you to the next tier constantly. 

  • SharePoint (which is everything on the back end) will let you go so far as to add synced security groups without write-back.... but you need O365 Business Premium for that. 
  • Teams will let you import a security group into a teams security group, but no sync there, so you're managing two groups (but at least you have the import). You also need O365 Business Premium, so why not just stick with SharePoint unless you're using the Skype integration (TBR). 
  • Groups won't let you do squat other than add members. Have fun with that.
  • Write-back? OMG... AAD P1 pricing is ridiculous.. at almost $8/user/month, you're looking at over $55k/yr on a 300 user complement, just for full sync! Sick. So you're now being nudged to M365 E3 since you may as well be getting more out of it than just AD syncing. (All M365 offerings nudge to enterprise). 

I used to complain about trims on new cars, or cable TV packages... but MS just took the cake. 

 

 

Had this very discussion today on a client site - large EDU customer. Now we do have AAD P1 licenses so can avail of Dynamic Groups in Azure. Seems sensible therefore to base membership off of the Department attribute - but, with this client they tell me that Department names often change so we'd end up with complex membership generation rules.

 

I can only assume the thinking here by Microsoft is that on-premise AD Security groups, managed by Admin, continue to secure local resources and that Office 365 Groups are managed, not by Admin but by the end users. So yes, we end up with two sets of groups essentially.

 

Not a great end result.

 

 

Hi - Can you kindly elaborate?

 

Regards,

Chiranjib

APIs are available to read AAD security group memberships, as well as write/modify O365 Group memberships--- you can build your own hooks between and keep select groups synced with a periodic sync. We've done something similar but productized it.
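The "build your own hooks" approach described in the post above, written out as an added example (this is not the poster's product code, nor anything from the thread): a one-way sync that reads the transitive membership of an Azure AD security group through Microsoft Graph PowerShell and reconciles an Office 365 Group's membership to match. It assumes the Microsoft.Graph.Groups module is installed, that the account running it holds the Group.Read.All and GroupMember.ReadWrite.All permissions, and that the group display names used as defaults are placeholders. Run it from a scheduled task to get the "periodic sync" the post mentions.

```powershell
# Added example, not from the thread: one-way sync of an Azure AD security group's
# transitive membership into an Office 365 (Microsoft 365) Group via Microsoft Graph PowerShell.
# Assumptions: Microsoft.Graph.Groups is installed; caller has Group.Read.All and
# GroupMember.ReadWrite.All; the default group names below are placeholders.
#Requires -Modules Microsoft.Graph.Authentication, Microsoft.Graph.Groups

param(
    [string]$SourceGroupName = 'SG-Finance',    # AD security group synced up by Azure AD Connect (placeholder)
    [string]$TargetGroupName = 'Finance Team',  # Office 365 Group, i.e. groupTypes contains 'Unified' (placeholder)
    [switch]$WhatIf                             # report the changes without applying them
)

Connect-MgGraph -Scopes 'Group.Read.All', 'GroupMember.ReadWrite.All' | Out-Null

function Get-GroupByDisplayName([string]$Name) {
    # Escape single quotes for the OData filter; display names are not unique, so refuse ambiguity.
    $escaped = $Name -replace "'", "''"
    $g = @(Get-MgGroup -Filter "displayName eq '$escaped'" -Property Id, DisplayName, GroupTypes)
    if ($g.Count -eq 0) { throw "Group '$Name' not found" }
    if ($g.Count -gt 1) { throw "Group name '$Name' is ambiguous; resolve it by object ID instead" }
    return $g[0]
}

$source = Get-GroupByDisplayName $SourceGroupName
$target = Get-GroupByDisplayName $TargetGroupName
if ($target.GroupTypes -notcontains 'Unified') { throw "'$TargetGroupName' is not an Office 365 Group" }

# An O365 Group cannot hold another group as a member, so nested security groups are
# flattened here: transitive membership yields the users reachable through any nesting.
$desired = @(Get-MgGroupTransitiveMember -GroupId $source.Id -All |
    Where-Object { $_.AdditionalProperties['@odata.type'] -eq '#microsoft.graph.user' } |
    Select-Object -ExpandProperty Id)

$current = @(Get-MgGroupMember -GroupId $target.Id -All |
    Where-Object { $_.AdditionalProperties['@odata.type'] -eq '#microsoft.graph.user' } |
    Select-Object -ExpandProperty Id)

# Guardrail: an empty read of the source (typo, permission problem) must not empty the target.
if ($desired.Count -eq 0 -and $current.Count -gt 0) {
    throw "Source group resolved to zero users; refusing to remove every member of '$TargetGroupName'"
}

$toAdd    = @($desired | Where-Object { $_ -notin $current })
$toRemove = @($current | Where-Object { $_ -notin $desired })

# Owners of an O365 Group are normally also members; never strip them or the group may end up orphaned.
$owners   = @(Get-MgGroupOwner -GroupId $target.Id -All | Select-Object -ExpandProperty Id)
$toRemove = @($toRemove | Where-Object { $_ -notin $owners })

foreach ($id in $toAdd) {
    if ($WhatIf) { Write-Output "Would add member $id" }
    else { New-MgGroupMember -GroupId $target.Id -DirectoryObjectId $id }
}
foreach ($id in $toRemove) {
    if ($WhatIf) { Write-Output "Would remove member $id" }
    else { Remove-MgGroupMemberByRef -GroupId $target.Id -DirectoryObjectId $id }
}

Write-Output "Sync '$SourceGroupName' -> '$TargetGroupName': added $($toAdd.Count), removed $($toRemove.Count)"
```

Two design points worth keeping if you adapt this: the sync is deliberately one-way (the AD security group stays the source of truth, so edits made in Outlook are reverted on the next run, which is usually what a business-unit group wants), and the empty-source guardrail plus the owner exclusion are the two mistakes that most often turn a scheduled sync into an outage.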

Hi John, could you elaborate more on this please? Do you have some links to resources I could use? Your input is highly appreciated.

Hi Marc, this is referring to the way we implemented a spin on dynamic group membership in our Cloud Governance solution--- essentially you can base O365 group membership on AAD security groups and we will keep them synced... PM me if you want more info...

So in short - you cannot manage Office 365 Groups permissions based on groups/security groups/distribution groups?

I've been following this for a while now.  If anyone hasn't already, please go vote for this idea here: https://office365.uservoice.com/forums/286611-office-365-groups/suggestions/33942997-add-security-gr...

You may find this amusing. We actually have a List on SharePoint that is a manually edited list which contains entries from the Office 365 Admin UI and the ECP so that people that are not Admins can see the groups and the members. Whenever we make a change to either one we have to update the others. Takes too much time when we hire new staff (or staff leave) that is in multiple DL, Shared Mailbox, or Security groups. Now we have to deal with O365 groups?