Feb 22 2018
12:02 PM
- last edited on
Feb 06 2023
03:20 AM
by
TechCommunityAP
Feb 22 2018
12:02 PM
- last edited on
Feb 06 2023
03:20 AM
by
TechCommunityAP
@Tony Redmond on Page 535 of you book it says " cannot use an Office 365 group as a security
group". I'm confused, SharePoint online uses the Office Groups owner and member attributes to assign accounts to the SharePoint Owner and Member groups which are used for security purposes.
Can you expand on the statement in the book to help me understand what was written?
Feb 22 2018 12:43 PM
SolutionOffice 365 Groups can't be used in the same way as an AAD security group. For example, you cannot use an Office 365 Group as the basis for the RBAC permissions as deployed inside Exchange Online. But SharePoint Online has special code to allow it to use Office 365 Groups to manage membership for a site collection through the groups that you mention (a surplus of groups). These groups are a construct specific to SharePoint and do not appear when you look at Groups through the Office 365 Admin Center as they are not AAD groups. I guess to make SharePoint work, there's an internal mapping between the membership links exposed in Office 365 Groups to the owner and member groups for the site collection.
Feb 22 2018 01:02 PM
The different group types are such a clossal pain, there are three types and it seems like every app is allowed to randomly pick 1 or 2 of these not to support.
For example
It's time there was only one type of group, and collaboration features were options on each.
Feb 22 2018 01:15 PM
Not to mention the places where you can select a distribution group from a picker, but not an Office 365 group...
Jun 22 2018 05:21 AM
Is there a work around to this limitation? Maybe a dynamic security group that auto updates itself based on changes to Office 365 group?
Jun 25 2018 12:23 AM
Well. That worked. I created a dynamic security group based on a common variable and viola.
Jan 28 2019 02:40 AM
Hi,
could you further explain how to achieve this?
There is no variable like "memberOf" in the dynamic group membership settings.
Feb 22 2018 12:43 PM
SolutionOffice 365 Groups can't be used in the same way as an AAD security group. For example, you cannot use an Office 365 Group as the basis for the RBAC permissions as deployed inside Exchange Online. But SharePoint Online has special code to allow it to use Office 365 Groups to manage membership for a site collection through the groups that you mention (a surplus of groups). These groups are a construct specific to SharePoint and do not appear when you look at Groups through the Office 365 Admin Center as they are not AAD groups. I guess to make SharePoint work, there's an internal mapping between the membership links exposed in Office 365 Groups to the owner and member groups for the site collection.