web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics 365 | Integration, Dataverse... / Azure AD Group integra...
Microsoft Dynamics 365 | Integration, Dataverse...
Unanswered

Azure AD Group integration for Business Unit / Teams and role based assignment in D365 CE... General Question

(0) ShareShare
ReportReport
Posted on by Whatsamattr 5

Have a general question, I've come across a few D365 instances in my travels and just wondered why more people don't use Azure AD groups to manage users and security. I know the MS documentation on it is sparse at best, there are a few (quite old) blogs / posts )like this one Dynamics 365 and AD groups. Dynamics 365 has some security features… | by Ben "The Hosk" Hosking | Medium) about people who have used it (but without going to deep into their own use case / situation).

The general question / discussion I wanted to ask was "Why not - the feature has been around for ages? " - Is it just the lack of documentation around the feature or is there some giant gotcha involved in using it that a casual administrator (such as myself) would simply not have been exposed to. 

I'm mostly just curious at this point.. I have a situation where I believe it may benefit the administrative side of the organisation, but I don't want to be that guy that saves "Team A" a days work a week by giving "Team B" an extra days work a week and calling it a win. 

Any responses welcome. 

I have the same question (0)
  • PerezAguiar Profile Picture
    PerezAguiar Microsoft Employee on at

    Hey!

    There might be several reasons to explain this:

    a) People not aware of the functionality.

    b) Separation of roles:  sometimes the Dynamics/PowerPlatform administrators don't have permissions over the AD (which is controlled by a different group of people) and companies don't want to provide such access.

    c) Confusion on how it works or how they could benefit from using security groups to restrict access to environments (Test environments or Production environments) as well as AAD Teams + Automatic Roles (which would be inherited).  

    d) For some small deployments where you have just a few sales persons + less sales managers, using this approach might require more initial work (despite being "cleaner" to maintain).  This approach (using security groups + AAD Teams + Inherited roles) is most commonly deployed when there are large Dynamics deployments (several environments or several different teams).

    Regards,

  • Community Member Profile Picture
    Community Member on at

    Hi Whatsamattr,

    Based on my guess, the Azure AD groups feature requires a trip to the Azure portal, which many people will find cumbersome and may run into permission issues when accessing the Azure portal!

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Microsoft Dynamics 365 | Integration, Dataverse, and general topics

#1
Siv Sagar Profile Picture

Siv Sagar 93 Super User 2025 Season 2

#2
#ManoVerse Profile Picture

#ManoVerse 74

#3
Martin Dráb Profile Picture

Martin Dráb 64 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

Identifying an Org as CDS or Dynamics
Get batch job history log from D365 FO to Power Automate
Gross and Net Weight of Shipments feeding back into Sales Order (from External Source)

Product updates

Dynamics 365 release plans