Feb 17 2022 08:37 AM
Our business with a single forest is doing the two nested group method for everything. I have heard in discussions that in the Azure world this is no longer recommended practice and really only applied to multi domain worlds in the first place.
Is there any documentation on guidance and recommendations on not using nested groups?
Feb 17 2022 08:56 AM
There is limited support for nested groups within Azure AD. Per the following doc (Service limits and restrictions - Azure Active Directory | Microsoft Docs), nested groups are only supported in certain scenarios. I've posted an excerpt from the doc below:
At this time, the following scenarios are supported with nested groups:
The following scenarios are not supported with nested groups:
Feb 03 2023 11:58 AM
Aug 08 2023 08:52 AM
Sep 25 2023 05:29 AM
@rejohnson The document does not state any limitations in number of groups nested in a certain group nor does it mention if there is a limitation how deep you can nest. That indeed is stupid of the document and a very valid question. The document only talks about what you can and cannot use nested groups for. Would be nice if MS would improve this document so it does not leave obvious questions unanswered.