web
You’re offline. This is a read only version of the page.
close
Skip to main content
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Small and medium business | Business Central, N... / Integrating Business C...
Small and medium business | Business Central, N...
Suggested answer

Integrating Business Central On-premise with Azure AD Security Groups

(5) ShareShare
ReportReport
Posted on by Community member 22
We are running a Business Central On-premise solution, that uses Azure AD for user authentication.
 
After trying to setup Azure AD Security Groups for managing user rights, I've come to the understanding that this might not be possible.
 
All guides that I've seen only mention how to connect the cloud version of Business Central to Azure AD Security Groups, which appears to work seamlessly.
 
Am I right in thinking that integrating Business Central On-premise with Azure AD Security Groups is not possible at this point in time?
 
WIth User Groups being marked for obsoletion, is this integration planned for a future release?
Categories:
Dynamics 365 Business Central
I have the same question (0)
  • Suggested answer
    YUN ZHU Profile Picture
    YUN ZHU 92,507 Super User 2025 Season 2 on at
    Integrating Business Central On-premise with Azure AD Security Groups
    Hi, here are the instructions from Microsoft, which hopefully will give you some hints.
     
    Thanks.
    ZHU
  • Community member Profile Picture
    Community member 22 on at
    Integrating Business Central On-premise with Azure AD Security Groups
    Hello Yun, thanks for your answer.
     
    Our problem is that we are authenticating against Azure AD, which means that the IsWindowsAuthentication flag in the Security Group module is false. Therefore we only get the option to connect to a Azure AD Security Group.
     
     
     
    The lookup page is then empty, because it can't find any Azure AD Security Groups.
     
     
    Because of this I was wondering if our setup, with Azure AD authentication in Business Central On-premise will not work with security groups.
  • Jakob Theiner Profile Picture
    Jakob Theiner 52 on at
    Integrating Business Central On-premise with Azure AD Security Groups
    We have the exact same issue.
    We have a partner hosting the Business Central Solution for our customers. Therefore we can't even use Windows Authentication if we wanted to (the services are publicly available, having it available without MFA is absolutely not an option and as far as I know Entra ID is the only way to get MFA).
     
    Why can't we use Entra ID user groups from an Entra ID authenticated server instance? This doesn't make any sense to me.
     
    We have customers with 200+ users and we currently have to tell them it's not possible to use user groups, that's a real bummer in projects and definitely not suitable for an ERP system :/
     
    Kind regards,
    Jakob
     
  • CU18071241-0 Profile Picture
    CU18071241-0 4 on at
    Integrating Business Central On-premise with Azure AD Security Groups
    Does anyone have any news on this ?

    Is it now possible to use Entra security groups in Business Central OnPrem.

    I had tested the possibilities of this when we were using Windows authentication, and validated it to everyone.
    Now that we switched to Entra ID connecte, I can't do anything with that....
     
    That's an horrible way to push users out from using onprem version...
  • Suggested answer
    Jainam M. Kothari Profile Picture
    Jainam M. Kothari 12,126 Super User 2025 Season 2 on at
    Integrating Business Central On-premise with Azure AD Security Groups
  • Suggested answer
    Sohail Ahmed Profile Picture
    Sohail Ahmed 11,087 Super User 2025 Season 2 on at
    Integrating Business Central On-premise with Azure AD Security Groups
    You're right — Azure AD Security Group-based permission management is currently only supported in the SaaS (cloud) version of Business Central. The on-premise version does not support automatic mapping of Azure AD Security Groups to permission sets or user groups within Business Central.
     
    Key points:
     
    On-prem BC can authenticate via Azure AD, but it lacks the group-based permission assignment integration.
     
    You'll still need to manage user permissions manually or via custom scripts/API, even if using Azure AD for login.
     
    Microsoft has not announced official plans to bring this feature to on-prem installations yet.
     
    As of now, User Groups are marked obsolete, but permission sets can still be assigned per user manually or via AL code or admin tools.
     
     
    You can keep track of updates here: 👉 https://learn.microsoft.com/en-us/dynamics365/release-plans/
     
     
    ✅ Mark this answer as verified if it helps you.
     
     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Join experts in person to explore low code and AI agents at the Power Platform Community Conference sponsored by Microsoft

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Abhilash Warrier – Community Spotlight

We are honored to recognize Abhilash Warrier as our Community Spotlight honoree for…

Congratulations to the September Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Small and medium business | Business Central, NAV, RMS

#1
Rishabh Kanaskar Profile Picture

Rishabh Kanaskar 4,202

#2
Nimsara Jayathilaka. Profile Picture

Nimsara Jayathilaka. 3,248

#3
Sumit Singh Profile Picture

Sumit Singh 2,893

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans