Security groups are often used to protect access to resources, but they can’t be used to control membership for Office 365 Groups or Teams. If you want to use AAD security groups to control membership for Groups and Teams, you need to come up with a way to synchronize. PowerShell is available to do the job, and as it turns out, it’s not too difficult.
Some will tell you that you can figure out what resources an Office 365 Group is connected to by checking the ProvisioningOption property with the Get-UnifiedGroup cmdlet. Well, you can’t. If you want to do something like check for team-enabled groups, you’ll need a different approach.
A demo to show how easy it is to use PowerShell to manage Office 365 Groups and Teams was progressing nicely at the UK Evolve conference when a problem happened with code that used to run perfectly. Sounds like a normal programming situation, but in this case, Microsoft had changed the format of Office 365 audit records for Azure Active Directory operations. That’s not so good. What’s worse is that some essential data is now missing from the audit records.
Hanging on to old email habits is a bad idea, especially if you use a cloud service like Office 365 where Microsoft introduces a steady stream of new features. The worst bad habit is password sharing. It’s time to stop this now.
Some say that Microsoft Teams doesn’t support dynamic Office 365 Groups. Well, I couldn’t find anything formal on the topic and the teams that I have configured to use dynamic groups work well, so what’s the real scene? As it turns out, Microsoft is still working on the feature.