Reputation: 277
How to make group assignments for azure active directory roles?
I want to assign Azure Active Directory groups to an Azure Active Directory role. But if I open e.g. the role "Directory Readers" and click on "Add Assignment" I can only choose Azure Active Directory users but no groups.
How can I assign an Azure Active Directory group to an Azure Active Directory role?
Thank you in forward!
Best regards Matthias
Upvotes: 0
Views: 201
Answers (1)
Reputation: 7483
I'm afraid that you could not assign an Azure Active Directory group to an Azure Active Directory role both in the portal and Powershell.
Here is a workaround. You could get members in the group first, then loop the members and assign members to the role.
$members = Get-AzureADGroupMember -ObjectId {object id of group}
Foreach($member in $members){
Add-AzureADDirectoryRoleMember -ObjectId {object id of directory reader role} -RefObjectId $member.ObjectId
}
If there is still a group in this group, then It will fail when assigning the role to the internal group.
Upvotes: 1
Related Questions
- How to assign user to all possible groups in Azure Active Directory?
- Azure Active Directory Groups/Roles
- Azure role assignments to a AD group for a subscription
- How to map groups belonging to a User in Azure AD provisioning call
- Active Directory groups and roles
- Azure AD Assign Roles to Group
- office 365 assign group to users
- Is it possible to set Azure AD directory role via group membership?
- Assign nested group to role in Azure AD Applications Users and groups
- Azure AD - Assign Users and Groups to App