Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Dynamic AD group

Iron Contributor

Hi Experts

I am using exchange hybrid environment, all my users are created on onprem and migrated to cloud. for example i have user1 whose department number is 100, every user has department number in AD attribute. i have another user whose department number is 101. my requirement is to add these users to office365 unified group dynamically, i.e user whose department number is 100 or 101 should be added to this office365 group dynamically and if tomorrow employee leaves the company it should be removed automatically,or is it possible to create a dynamic group in Azure AD to pull the members of department 100 and 101 and add this group to office365 unified group. Experts guide me on this.

2 Replies

@Roger Roger Yes, if you have a Azure AD Premium subscription you can utilize Dynamic Groups as per your requirements.

 

https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membership

 

In your case the syntax would be "(user.accountEnabled -eq true) and (user.department -eq "100") or (user.department -eq "101")". This would allow all enabled users with these values in the Department Attribute to be added dynamically to this group. Provided that their account gets disabled when their employment ends, they lose membership to this group.

 

Regards,

 

Viktor

@Roger Roger I agree with the comment of Victor

Create an O365 Group and use Dynamic User:

JordyBlommaert_0-1589292556515.png

Use following dynamic query:

JordyBlommaert_1-1589292587276.png