Purpose of Groups
Groups simplify management by letting admins assign permissions, roles, and licenses collectively rather than individually.
Example: Instead of assigning SharePoint permissions to 100 employees, Contoso IT assigns access to the Marketing security group.
Types of Microsoft Entra Groups
| Group Type | Purpose | Notes |
|---|---|---|
| Security Groups | Control access to resources. | Used by IT admins to define access to apps or files. |
| Microsoft 365 Groups | Enable collaboration tools (Outlook, Teams, SharePoint). | Includes shared mailbox, calendar, and files. Can include guests. |
Membership Types
| Type | Description |
|---|---|
| Assigned | Admins manually add/remove users. |
| Dynamic | Membership is determined automatically by rules (e.g., Department = “Sales”). |
Dynamic Groups
Dynamic groups automatically update membership when user attributes change.
Example: A dynamic group for Department = HR automatically adds any new HR employees synced from AD. When an employee transfers out of HR, they are removed.
Warning: Be cautious — misconfigured rules can unintentionally include users in sensitive groups.