web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro
Introducing our New Video Series: Community Spotlight
News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Small and medium business | Business Central, N... / BC on-premise user per...
Small and medium business | Business Central, N...
Answered

BC on-premise user permission management through Azure AD Groups - can it be done?

(0) ShareShare
ReportReport
Posted on by KasparsSemjonovs 4,840 Super User 2026 Season 1

Hello,

I want to understand if this is actually manageable for on-premise environment, or this is intended only for the BC cloud/online option.

We have Windows groups that are synced with Azure AD groups. 
In BC we create a user card for the group with type Windows Group, and add permissions. 

On the user Card - there are no permissions. 

When user logs in through link that uses Windows authentication - all works great - the only downside is the additional credential entering at login.
When we add the Microsoft 365 e-mail in the user card, and he uses a link that uses O365 authentication - in the BC user card we see that the Status becomes Active - so the login was successful, but the user doesn't have any permissions. 


Is there a way that BC can read the users Azure AD group memberships and assign permissions to user based on Azure AD group? (in Azure the BC app has been given permissions to read users, group memberships etc.)

Thanks for Your time!

I have the same question (0)
  • DAnny3211 Profile Picture
    DAnny3211 11,423 Super User 2026 Season 1 on at

    hi

    look this

    learn.microsoft.com/.../authenticating-users-with-azure-active-directory

    DAniele

  • KasparsSemjonovs Profile Picture
    KasparsSemjonovs 4,840 Super User 2026 Season 1 on at

    Hi, Daniele,

    we tried this with BC 19.5 with no success.

    and also we tried this with latest BC21.2 : learn.microsoft.com/.../authenticating-users-with-azure-ad-openid-connect

    The results were the same as described in initial post.

    I cannot tell for sure - there is a possibility that we might have configured something wrongly - but tried this several times and the result is always the same. So looking if anyone has succeeded this for on-prem BC.

  • Verified answer
    Marco Mels Profile Picture
    Marco Mels Microsoft Employee on at

    Hello,

    This is on the ideas site and also under discussing within product group:

    experience.dynamics.com/.../

    Hope this clarifies.

  • KasparsSemjonovs Profile Picture
    KasparsSemjonovs 4,840 Super User 2026 Season 1 on at

    Thanks, Marco,

    so it seems this is not working yet like I want to :)

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

🚀 Season of Sharing Community Challenge Launch!
Ask A Community Pro
Introducing our New Video Series: Community Spotlight

Quick Links

Season of Sharing Community Challenge Launch!

Jump in, show your community spirit, and win prizes!

Women in Power Builds Momentum

Expanding mentorship, skilling, and AI innovation

Congratulations to the May Top 10 Community Leaders

These are the community rock stars!

Leaderboard > Small and medium business | Business Central, NAV, RMS

#1
OussamaSabbouh Profile Picture

OussamaSabbouh 1,713 Super User 2026 Season 1

#2
YUN ZHU Profile Picture

YUN ZHU 1,032 Super User 2026 Season 1

#3
Grigorios Mavrogeorgis Profile Picture

Grigorios Mavrogeorgis 914 Super User 2026 Season 1

Last 30 days Overall leaderboard

Featured topics

Microsoft Training Manuals

Product updates

Dynamics 365 release plans