Share via

Adding a AD group to teams

IBN 4,351 Reputation points
2022-02-04T13:25:24.217+00:00

Hello Microsoft Community,

Please I need your help on this.

One of our customers reported this issue to us.

They would like to add an on-prem AD group to a active team. Example: AD group All Teachers becomes a member of Staff Drive Team.

They would like to know how you add an on-prem group to a Microsoft 365 Team.

The idea is that anyone added to the on-prem security group would automatically gain access to the 365 team.

Microsoft Teams
Microsoft Teams
A Microsoft customizable chat-based workspace.
9,254 questions
0 comments
Accepted answer
  1. Vasil Michev 97,076 Reputation points MVP
    2022-02-04T14:20:36.63+00:00

    "Nesting" groups is not yet supported for Teams, so you cannot use this approach. You can "add" a group as member via the Teams client, but that simply takes the current membership of the group, so not what you are asking for. Instead, you can use Teams with Dynamic membership rules, as detailed here: https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamic-membership

    In all cases, the group must be synced to Azure AD, you cannot use purely on-prem one.

    2 people found this answer helpful.

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Forrest Dean 6 Reputation points
    2022-12-01T14:09:30.983+00:00

    This is one of the main reasons why we don't use Teams. We still have to use other software for our instant messaging needs because Teams does not have the capability to integrate Active Directory. What's more, we can't even divide our departments each with their own team without them being limited to only their team. In other words, one department can't send a message to another department unless they are a member of that team, which basically means everyone would have to be a member of every team if the user wanted to send a message to any of the other teams/departments which defeats the purpose of having separate teams. So if I wanted to send a message to a specific department, I would have to temporarily become a member of that team and then remove myself from that team when I'm done.

    You would think given that Active Directory is a Microsoft design that Microsoft Teams would have better inter-network capabilities.

    1 person found this answer helpful.
  2. Davy Priem 0 Reputation points
    2024-05-13T06:52:14.97+00:00

    There is now a solution (preview) available for this. See https://learn.microsoft.com/en-us/entra/identity/users/groups-dynamic-rule-member-of

    0 comments