cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
lkaspar
Resolver I
Resolver I

Create Team with All Users

I am trying to assign security roles to all users in an environment. I do not want to do this on a 'Business Unit' level as that would mean every time we need to update the 'all users' permissions, we would need to do it for every Business Unit.

 

My plan was to create a dynamic Azure Active Directory group which holds all members in the tenant. I then create a new team of type 'AAD Security group' and assign that team the appropriate permissions. However, when I try to create it, I get the following error message

 

Unknown error. Please try again later.Error Details:The group whose AzureActiveDirectoryObjectId = xxxxxxx is not an AadGroup or OfficeGroup, the attribute GroupTypes are = DynamicMembership.

 

lkaspar_0-1636353337144.png

 

It looks like it is not possible to use an dynamic AAD Security Group.

 

Does anyone know how to get around this limitation or other approaches to assign security roles to all users in an environment?

3 REPLIES 3
dpoggemann
Super User
Super User

Hi @lkaspar 

 

The mapping of a "Dynamic User" security group is not supported for mapping to a Team in Dataverse as described in this article: (https://docs.microsoft.com/en-us/power-platform/admin/manage-group-teams#using-azure-active-director...)

 

You would need to add the users to an All Employees Security Group in Azure AD manually (or maybe through a flow?) to get them to map to a team in Dataverse. 

 

Please accept if answers your question or Like if helps in any way.


Thanks,

Drew

Hope this helps. Please accept if answers your question or Like if helps in any way.
Thanks,
Drew

Hey @dpoggemann ,

 

thanks for the reply. I was trying to avoid having to manually add and remove users to this group. 
Do you know of another method to get access to all D365/Dataverse users in an environment?

 

Thanks - Lukas

dpoggemann
Super User
Super User

hi @lkaspar ,

 

No I do not.  The Security Group approach is the approach I have used primarily but yes, you need to manually add the users to the security group.

 

Thanks,


Drew

Hope this helps. Please accept if answers your question or Like if helps in any way.
Thanks,
Drew

Helpful resources

Announcements
Power Platform Conf 2022 768x460.jpg

Join us for Microsoft Power Platform Conference

The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.

Power Platform Call June 2022 768x460.png

Power Platform Community Call

Join us for the next call on June 15, 2022 at 8am PDT.

PA Virtual Workshop Carousel 768x460.png

Register for a Free Workshop

This training provides practical hands-on experience in creating Power Apps solutions in a full-day of instructor-led App creation workshop.

PA.JPG

New Release Planning Portal (Preview)

Check out our new release planning portal, an interactive way to plan and prepare for upcoming features in Power Platform.

Users online (4,400)