Link group to AD Group
Why we cannot use our group in Active Directory to create group in Teams?
Hi everyone, I wanted to check in on this ask because it’s died down since GA, and also because the ask is not totally clear to me.
Right now, we provide a way during the team creation process for you to select an existing Office 365 group. Are you asking to be able to do this same thing, but outside of Teams?
Do let me know!
Specifically, for the chat contacts, in Skype for Business I could add a group of contacts from Exchange, and if the members in the group changed then it would update my contacts list automatically. In Teams this functionality is missing, I cannot add groups from Exchange, all contacts need to be managed manually.
I do not want each new member of staff to have to manually add all their team's contacts when we have groups already setup for this. Missing this feature is a waste of staff time.
Benjamin Gilardi commented
We would like to manage Team membership by referencing an Active Directory group.
Bill Wesson commented
I would like to dynamically add and remove team members based upon being added or removed from an on-premise AD security group. Without this feature, management wants to explore alternatives to Teams.
Ask here is to be able to create meeting with existing group for Onprem synced group (Groups which are created onprem ad and then synced to online AD)
I think where the confusion perhaps comes in is with the word "link". The reality here...and this goes for every system that Microsoft ever creates in the post Bill Gates / Steve Balmer era (as those guys and their legions at the time intrinsically understood this)...is that if you can add or remove a user to something and/or assign permissions to a users, you must be able to do the exact same thing for a group. Everywhere you interact with a user, please provide interaction with an AD group in the same manner.
We don't want syncing, we don't want linking, we don't want importing. We want a group to work just like a user. It has work this way in the Windows world for eons. We want the same across the board in Azure.
Agree with the general comments and have another take: in Skype, in my contacts, I can create a group and add an AAD group to it. From that point on, that contact group adjusts as the AAD group membership changes. The fact that Teams does not fundamentally see how corporations rely on AD and AAD to manage the organization.
1. Invite users to a team by using an AD group. This works.
2. When I add users to AD group, they are not invited to the team. But I think they should.
We have a bunch of role-based AD groups, and using them with Teams would be a great advantage.
Bogdan Manolache commented
I think I just duplicated this request:
It's fairly straight forward. We manage an on premise AD and sync to Azure AD. We manage all user permissions with AD groups. Anything other than that quickly becomes unmanageable. So we need to use AD groups to assign rights to teams so that we can have total visiblity of a users's rights in the event of audit, account deactivation or change of duties. Specifically too, it should be possible to assign different AD groups different rights in a team, ie not a 1:1 relationship between the team and the AD Group.
Seems like such an obvious link to make after adding azuresync.
1 :1 synchronisation between ad security group and a team is a must have functionality
One more thing.
I am gonna assume this feature will come in the future :).
So.. By the time you implement this feature, please make sure we have the ability to merge team/groups. As right now we already have created a team consist of our Active Directory Group(duplicate group in Office User Group)
This is regarding having Active Directory Group, as a default created group on Teams.
As you may know, being in MS environment with Active Directory, we set people into groups(which essentially Department in my organization).
This will be a perfect group to start Teams with, instead of creating new group.
Well of course we still need all the functionality of current Teams creation, but having a button with a function to create group based on Active Directory make our life easier.
After all if we see from Office Portal, the teams we created on Teams shows up as a group, along with groups from Active Directory.
John Berlo commented
This is a definite need for us as well. Being a hybrid environment, we need to maintain AD groups. Going through a process to add new team members to both an AD group and a team would be quite a burden and take a portion of an FTE.
I will add my voice to this thread, as this is a very basic idea that should have been implemented from the start. Please allow the use of AD groups to add members to a TEAM!!
We have location based on-premise security groups (i.e TorontoStaff, RedmondStaff etc). These get automatically populated by HR system and sync to AAD using AAD connect. We don't have on premise Exchange so group write-back is not an option.
We are noticing stale groups and also users are hesitant to be the owner of a group because they would need to manage membership.
If O365 groups/teams could auto sync with on-premise managed groups, it would definitely increase the adoption of O365 Teams. It can be a simple interface that would allow group owners to list groups that they want to sync from.
Joel Pfund commented
I'ld like to use AD group to manage access to Teams ! Would be a great feature !!
Still waiting for this essential feature.
I would also like to have the functionnality to use AD group for Office 365 Teams without having to use Office 365 Groups....
This would take the product to a new level. We currently have to manage two sets of groups, AD and O365 groups.
Jeremy Good commented
Please add the ability to link AD groups to a team/group. Thanks!