MicrosoftDocs / azure-docs

Open source documentation of Microsoft Azure
https://docs.microsoft.com/azure
Creative Commons Attribution 4.0 International

Nesting Dynamic Groups #115902

Closed datto-cschulze closed 1 year ago

datto-cschulze commented 1 year ago

Pls elaborate on nesting Dynamic Groups.

I was able to nest in one of my demo tenants at least 2 levels, but I would like to have official documentation about it. Otherwise I am afraid the feature might be removed.

I successfully did the following:

- DynGroupA (using jobTitle as an argument)
- DynGroupB (using jobTitle as an argument too)
- DynGroupN (memberOf DynGroupA and DynGroupB)
- DynGroupNN (memberOf DynGroupN)

Members of GroupA and B appeared in both groups N and NN.



AjayBathini-MSFT commented 1 year ago

@datto-cschulze Thanks for your feedback! We will investigate and update as appropriate.

SaibabaBalapur-MSFT commented 1 year ago

@datto-cschulze Azure AD Dynamic Groups support nesting, which means you can create dynamic groups based on other dynamic groups. This feature enables you to build dynamic Azure AD Security Groups and Microsoft 365 groups based on other groups.

You can create a dynamic group that includes members of another dynamic group by using the memberOf attribute. However, there are some limitations to this feature. For example, you can't use one memberOf dynamic group to define the membership of another memberOf dynamic group.

In your case, you have successfully created a nested dynamic group structure with two levels. DynGroupN is a memberOf DynGroupA and DynGroupB, and DynGroupNN is a memberOf DynGroupN. Members of DynGroupA and DynGroupB appeared in both DynGroupN and DynGroupNN.

Please note that there is a limit of 500 dynamic groups using the memberOf attribute per Azure AD tenant. Also, each dynamic group can have up to 50 member groups.

You can find more information about creating dynamic groups in Azure AD in the following Microsoft documentation:

https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membership

Further, if you have any questions, I'd recommend working closer with our Q&A forum by posting your issue there so our community and MVPs can further assist you in troubleshooting this issue or finding potential workarounds. Teams Q&A forum for technical questions about the configuration and administration of Microsoft Teams on Windows. Microsoft Teams Community forum
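An added example, not part of this thread or of Microsoft's documentation: a Python audit over exported group records that checks the limits and the memberOf-on-memberOf restriction quoted in the reply above, and resolves which attribute-based groups ultimately feed a nested group. The record shape (`id`, `displayName`, `membershipRule`), the placeholder ids, the job titles and the rule form `user.memberof -any (group.objectId -in [...])` are assumptions not shown on this page.

```python
import re

# Limits as quoted in the reply above.
MAX_MEMBEROF_GROUPS_PER_TENANT = 500
MAX_MEMBER_GROUPS_PER_GROUP = 50
# Assumed rule form: user.memberof -any (group.objectId -in ['id1', 'id2'])
MEMBEROF_RE = re.compile(r"user\.memberof\s+-any\s*\(\s*group\.objectId\s+-in\s*\[(.*?)\]\s*\)", re.I | re.S)

def index(groups):
    """Map group id -> ids its memberOf rule references, and id -> display name."""
    refs = {g["id"]: [i for b in MEMBEROF_RE.findall(g.get("membershipRule") or "")
                      for i in re.findall(r"'([^']+)'", b)] for g in groups}
    return refs, {g["id"]: g["displayName"] for g in groups}

def audit(groups):
    """Return (finding, group name, detail) tuples for limit and chaining issues."""
    refs, names = index(groups)
    memberof = sorted((g for g in refs if refs[g]), key=names.get)
    findings = []
    if len(memberof) > MAX_MEMBEROF_GROUPS_PER_TENANT:
        findings.append(("tenant-limit", None, len(memberof)))
    for gid in memberof:
        if len(refs[gid]) > MAX_MEMBER_GROUPS_PER_GROUP:
            findings.append(("member-group-limit", names[gid], len(refs[gid])))
        chained = [names.get(r, r) for r in refs[gid] if refs.get(r)]
        if chained:  # a memberOf group defined in terms of another memberOf group
            findings.append(("chained-memberof", names[gid], chained))
    return findings

def base_groups(groups, gid):
    """Names of the non-memberOf groups that transitively feed group `gid`."""
    refs, names = index(groups)
    out, stack, seen = set(), [gid], set()
    while stack:
        cur = stack.pop()
        if refs.get(cur) and cur not in seen:  # `seen` guards against cycles
            seen.add(cur)
            stack.extend(refs[cur])
        elif cur != gid and not refs.get(cur):
            out.add(names.get(cur, cur))
    return out

# Constructed sample: the four groups from the question, with placeholder ids.
SAMPLE = [
    {"id": "id-a", "displayName": "DynGroupA", "membershipRule": 'user.jobTitle -eq "Engineer"'},
    {"id": "id-b", "displayName": "DynGroupB", "membershipRule": 'user.jobTitle -eq "Analyst"'},
    {"id": "id-n", "displayName": "DynGroupN", "membershipRule": "user.memberof -any (group.objectId -in ['id-a', 'id-b'])"},
    {"id": "id-nn", "displayName": "DynGroupNN", "membershipRule": "user.memberof -any (group.objectId -in ['id-n'])"},
]
```

On the sample, `audit(SAMPLE)` reports DynGroupNN as chained on DynGroupN, and `base_groups(SAMPLE, "id-nn")` shows that access granted to DynGroupNN is ultimately decided by the jobTitle rules of DynGroupA and DynGroupB.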

SaibabaBalapur-MSFT commented 1 year ago

@datto-cschulze We are going to close this thread as resolved but if there are any further questions regarding the documentation, please tag me in your reply and we will be happy to continue the conversation.

datto-cschulze commented 1 year ago

@SaibabaBalapur-MSFT Thx for your reply! I also opened this issue bc the documentation is describing that child-groups of security groups are not included, this section even includes a drawing. IMHO it then should be mentioned that this will work with nested dynamic groups on the other hand.

In other words: The article spends a lot of words on what is not working and very few words on what is working.

SaibabaBalapur-MSFT commented 1 year ago

@datto-cschulze Thanks for bringing this to our attention. I'm going to assign this to the document author so they can take a look at it accordingly.

@billmath Can you please check and add your comments on this doc update request as applicable.

billmath commented 1 year ago

Thanks for submitting this. I have created a work item for it and will be reviewing this in the coming weeks. I am not sure what the timeline will be, so I am going to close this for now. But once I have an update I will drop it in here and let you know.

Thank you!

Bill

please-close