Does SharePoint Online Cache members of Azure AD Groups

Russell Gove · ‎Feb 09 2021

Hi, and thanks for starting this forum!

We have an azure AD security group called ‘PowerApps-GCC-AM Control Group’ (ID is c2e5e562-3851-4417-a743-8b71fc43ecb6) .

The AD Group has directly been given READ permission to a SharePoint Online list called Global Complaints Webform.

A user (some.user@tenant.onmicrosoft.com) was in the AD Group previously but has been removed from the group (over a day ago).

When I check the users permission on the list SharePoint still thinks the user is in that group:

If the user browses to the list he can view the content of the list.

So it seems that SharePoint is caching the members of the AD Group somewhere.

Does anyone have any idea how to resolve this issue, or how this caching is done?

waldek · ‎Feb 10 2021

Not sure if this is still the case, but I recall in the past folks had similar issues when using AD groups on prem, where changing group membership wouldn't update ACLs in SharePoint. I don't know the solution off the top of my head, but if you'd search for the similar problem but then based on local AD, you might find a workable solution.

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Does SharePoint Online Cache members of Azure AD Groups

Does SharePoint Online Cache members of Azure AD Groups

Re: Does SharePoint Online Cache members of Azure AD Groups