Dynamic Permissions using AD Groups or Exchange Distribution Lists on SharePoint Team Sites


Hi,

 

Like many companies we are split into Units and Divisions, and those Divisions have teams within them.

 

Here is the problem...

I am in the IT department.

In the IT department we have many team sites (applications, networks, infrastructure etc.)

We use the standard owners, members and visitors groups to control access to the sites.

How can I give visitor access to all people in IT to the IT Team Sites, such that it updates daily based on an attribute equalling 'IT'?

 

I am not an Active Directory or Exchange expert so apologies if I get any of my terminology wrong!

 

Note: we are a hybrid configuration of Office 365 with Exchange /  AD on Premises.

 

I have done a little bit of research and it seems that at the moment:

  • AD security groups can be added to the visitors list (i.e. they appear in the people picker) but these aren't dynamic lists
  • Distribution lists can't be added to the visitors list (i.e. they don't appear in the people picker) but these can be made to be dynamic

 

How can I get around this problem?

 

Thanks,

Paul

5 Replies

Use membership of security groups in AD to control access by adding these groups to your SharePoint Groups.

 

Do you have Azure AD Premium? It comes with the Enterprise Mobility + Security license. If so, you can create a new group that dynamically maintains its members, see https://azure.microsoft.com/en-us/documentation/articles/active-directory-accessmanagement-groups-wi....

 

You can then put this group into a SP Group that implements the desired permissions on the appropriate SP objects (lists/libraries/sites).

Ian, do I need AADP to do this, or will any version of AD suffice?

Thanks, Dean - I'll check out our AADP status.

Any version, but for what @Dean Gross describes, AADP is required for all users that are to be included in dynamic groups
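
As an added illustration that is not part of any reply in this thread: where Azure AD Premium dynamic groups are not available, a scheduled PowerShell script can keep an ordinary on-premises AD security group in step with a user attribute, and that group is then placed in the site's Visitors group. The group name, the OU path and the choice of the Department attribute are assumptions.

```powershell
# Added example, not code from the thread. Reconciles an on-premises AD
# security group with every enabled user whose Department equals 'IT'.
#Requires -Modules ActiveDirectory
[CmdletBinding(SupportsShouldProcess)]
param(
    [string]$GroupName  = 'SP-IT-Visitors',              # hypothetical group name
    [string]$Department = 'IT',
    [string]$SearchBase = 'OU=Staff,DC=example,DC=com'   # hypothetical OU
)
$ErrorActionPreference = 'Stop'

# Desired state: enabled users in the department. Disabled accounts drop out,
# so a leaver loses site access on the next run.
$filter  = "Department -eq '$Department' -and Enabled -eq `$true"
$desired = @(Get-ADUser -Filter $filter -SearchBase $SearchBase |
    Select-Object -ExpandProperty DistinguishedName)

# Guard: a wrong OU or attribute value must not silently empty the group.
if ($desired.Count -eq 0) {
    throw "No enabled users with Department '$Department' under $SearchBase; refusing to empty $GroupName."
}

# Current state: direct user members only; nested groups are left untouched.
$current = @(Get-ADGroupMember -Identity $GroupName |
    Where-Object objectClass -eq 'user' |
    Select-Object -ExpandProperty distinguishedName)

$toAdd    = @($desired | Where-Object { $_ -notin $current })
$toRemove = @($current | Where-Object { $_ -notin $desired })

# Apply the difference and emit one record per change as an audit trail.
if ($toAdd -and $PSCmdlet.ShouldProcess($GroupName, "Add $($toAdd.Count) member(s)")) {
    Add-ADGroupMember -Identity $GroupName -Members $toAdd
    $toAdd | ForEach-Object {
        [pscustomobject]@{ Time = Get-Date; Action = 'Add'; Member = $_ }
    }
}
if ($toRemove -and $PSCmdlet.ShouldProcess($GroupName, "Remove $($toRemove.Count) member(s)")) {
    Remove-ADGroupMember -Identity $GroupName -Members $toRemove -Confirm:$false
    $toRemove | ForEach-Object {
        [pscustomobject]@{ Time = Get-Date; Action = 'Remove'; Member = $_ }
    }
}
```

Run it with `-WhatIf` first to review the planned changes, then schedule it daily under an account delegated only the right to write the membership of that one group.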