Forum Discussion
Dynamic Group - All Users
Hi, I recently came across a rule syntax for Dynamic Group in Azure AD where all users are added to the group looking for some documentation on this. The rule syntax was "All Users". It works, ju...
Hi Sai,
You should consider your goal here too because at its broadest, this will sweep up guest accounts and admin accounts as well as standard user accounts. What will you do with such a group? Grant it access to something, conditionally or unconditionally, deny it access to something? Think through your use case and get your exclusions/inclusions right to match that use case.
Cheers Ash
You should consider your goal here too because at its broadest, this will sweep up guest accounts and admin accounts as well as standard user accounts. What will you do with such a group? Grant it access to something, conditionally or unconditionally, deny it access to something? Think through your use case and get your exclusions/inclusions right to match that use case.
Cheers Ash
Ash_Gardiner - I agree, the reason for my question is, I was trying to restrict a dynamic group that was already in use and is pulling all users and I came across a weird syntax which is just "All Users" and no documentation anywhere and it works. screenshot below.
- In light of this screen shot, your Bing-fu is less weak than has been suggested. I can't find any mention of this and I can't build a query to match it. I validated 2x dynamic groups where I directly wrote the syntax as "All Users", then "All Devices" and they both work, so it is not unique to you. Apologies for misunderstanding your issue. The screenshot makes things clear.
