web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics 365 | Integration, Dataverse... / Latency issue between ...
Microsoft Dynamics 365 | Integration, Dataverse...
Answered

Latency issue between Azure AD Security Groups and Environments Teams

(0) ShareShare
ReportReport
Posted on by AhmedSalih 7

Hello,

I have created Azure AD security groups for my Dataverse security model (Field based security using Environment Teams). I then created Environments Teams for those AAD security groups and assigned security roles for those teams. It has been more than 24 hours and I still don't see the Teams members in the Environment?!! 

AAD-issue-and-Env.PNG

Thank you

I have the same question (0)
  • Suggested answer
    AhmedSalih Profile Picture
    AhmedSalih 7 on at

    I asked in another community form and I got the answer. Here it is powerusers.microsoft.com/.../1548067

  • Verified answer
    PerezAguiar Profile Picture
    PerezAguiar Microsoft Employee on at

    Hey Ahmed.

    Official documentation: https://docs.microsoft.com/en-us/power-platform/admin/manage-teams#about-group-teams

    Team members are dynamically derived (added and removed) when they access an environment based on their Azure AD group membership

    This means that even if you Create a group on AzureAD and create a Team within the environment associated to those AAD Groups, they're not going to automatically populate with the users. Instead, as users login to the environment, they will show on the list.

    Regards,

  • MaSc4Crm Profile Picture
    MaSc4Crm 6 on at

    Hi,

    when does the changes in the Azure AD (e.g. an user from a group) takes place in D365?

    E.g. an user is still working with CRM and is already logged in.

    Regards,

    Martin

  • Suggested answer
    PerezAguiar Profile Picture
    PerezAguiar Microsoft Employee on at

    Hey! This will depend on many factors.

    Usually when you login, a token is submitted and you're authenticated using that token. If you're removed from the security groups, that token might still be valid for some time (24 hrs, 7 days, 1 hr).  this will depend on AzureAD.

    On CRM, you can take advantage of Access Management and establish some Session Time Out and INactivity timeout. If the token changes removing the access and the user hits one of those timeouts (Session or inactivity), they will be logged off.

    learn.microsoft.com/.../user-session-management

    Regards,

  • MaSc4Crm Profile Picture
    MaSc4Crm 6 on at

    Hi Daniel,

    this means - I need to setup an automatic "expiring/inactivity" rule for each D365 environment - this is the only option.

    Can I force the user by code to re-login e.g. by revoke the token?

    Can I force the user by using "a button" to re-loging?

    Regards,

    Martin

  • Suggested answer
    PerezAguiar Profile Picture
    PerezAguiar Microsoft Employee on at

    Hey! 

    When you configure the Inactivity & Session TimeOut, users receive a warning and are requested to login again

    community.dynamics.com/.../setup-inactivity-timeout-in-microsoft-dynamics-365-online

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Microsoft Dynamics 365 | Integration, Dataverse, and general topics

#1
Siv Sagar Profile Picture

Siv Sagar 93 Super User 2025 Season 2

#2
#ManoVerse Profile Picture

#ManoVerse 80

#3
Martin Dráb Profile Picture

Martin Dráb 64 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

Identifying an Org as CDS or Dynamics
Get batch job history log from D365 FO to Power Automate
Gross and Net Weight of Shipments feeding back into Sales Order (from External Source)

Product updates

Dynamics 365 release plans