SDS Security Groups


School Data Sync (SDS) imports user data from the Student Information System (SIS). As each student and teacher is synced, SDS writes the student or teacher roles as an attribute on each user object in Azure Active Directory. Each student and teacher synced is also associated to one or more schools, which is written as another attribute on each user object. SDS uses this same information to create and manage several SDS Security Groups, which has a variety of administrative uses within Azure Active Directory and Office 365.

SDS will create and keep these security groups updated over time as they change, as new students and teachers are synced, or school associations are updated in the SIS. To enable SDS Security Groups, navigate to the SDS Setting Page, and toggle on the Security Groups you want to create.

All Teachers

Contains all teachers synced via SDS

All Students

Contains each student synced via SDS

School Security Groups

SDS will create two Security Groups for each School synced:

Teachers - School Name

Contains all teachers synced and associated with the school.

Students - School Name

Contains all students synced and associated with the school.

Enabling and Disabling the Security Groups

On the SDS Settings page, Security Groups can be quickly enabled or disabled by clicking the toggle switch for each group type.

Enabling Security Groups

After enabling the Security Groups in SDS, the groups will be created on the next sync cycle. SDS will create new groups and update group memberships on every sync cycle from that point forward.

Disabling Security Groups

If the SDS Security Groups are disabled, SDS will stop creating and updating memberships for groups of that type. Once disabled, any existing Security Groups created by SDS can be edited or deleted manually, as needed. SDS will not delete previously created SDS Security Groups.

Using the SDS Security Groups

The SDS Security Groups can be used in a variety of administrative functions within Azure Active Directory and Office 365. Below are some of the most common uses of the SDS Security Groups:

  1. Intune for Education Device Policy
  2. Mobile Device Management Policy
  3. Group Based Licensing
  4. Conditional Access
  5. Group and Team Creation Policy
  6. Teams Messaging and Chat Policy
  7. Self Service Password Reset