Introduction
In this blog post, I will show you an easy guide to automating your Microsoft Teams membership based on a dynamic user group in Microsoft Entra ID. Using dynamic groups is a way of automating group membership based on certain criteria. If you are not familiar with dynamic groups, feel free to check out my post on Create an Azure Dynamic User Group.
The use case
As a use case, we will keep it simple. Let’s assume that the Marketing department wants a dedicated Microsoft Team for their members and also wants to add any new members automatically to that dedicated team. We will make this happen by creating a dynamic Microsoft 365 group based on the Department attributes of our Microsoft Entra ID users.
Configuration
Prerequisites
Before we can start, make sure you have a Microsoft Entra ID P1 or P2 active on your tenant. This will allow you to create dynamic groups in your tenant.
Also, make sure you fill in the user information, we will need the value of the Department field in the Entra ID object of the users.
Microsoft 365 Group
First, let’s create our group. Go to the Microsoft Entra admin center and go to Identity | Groups | All groups and select New group.
Two important things that you need to set correctly when creating the group, Group type and Membership type.
- Group type: Microsoft 365
- Membership type: Dynamic User
Now after filling/setting everything up, select Add Dynamic query
Now we are going to build our rule that we will use to populate our group automatically based on which department that user is in.
Create the following rule with the builder or enter the rule syntax below. After entering, select Save.
(user.department -eq "Marketing") and (user.accountEnabled -eq True)
After you’ve saved the rule, select Create to finalize the creation of this group.
That is the first, your group is ready!
INFORMATION
Notice that the members of the group are still empty, and the Add members are greyed out. This means you can’t manually add members to this group.
Microsoft Teams
The next step we need to do is add Microsoft Teams to this Microsoft 365 group.
IMPORTANT
Make sure your Microsoft 365 group has an owner assigned with an active Microsoft Teams license!
For this part, we need to go to the Microsoft 365 admin center and go to Teams & groups | Active teams & groups and select the created group. Then select Add Teams.
Confirm the next message with Add Teams.
A Team will be added to the group. You’ll notice it by the Teams status icon that is not present for the group.
Add users
The final thing we need to do is add users, so we need to make sure that the Department field is filled in with Marketing.
I’ve created a user where I left the Departement field blank. Now let’s fill in the Department field with Marketing and Save changes, this user will automatically be added to the Team Marketing group we created earlier and also become a member of the Marketing team.
INFORMATION
Be patient, it can take a few minutes before the user is added to the group.
Result
So if we now go to the Microsoft Teams admin center and then go to Teams | Manage teams, you’ll see the Team Marketing team is present.
If we now select that team and check the members, you’ll notice that are new user is a member of this team. Also, notice that the add member button is greyed out.
Conclusion
As you can see, you can turn any dynamic Microsoft 365 group into a Microsoft Team. This gives a lot of possibilities around automating membership within Microsoft Teams. This also ensures that your Teams also only contain members who are still active and members of a particular department, without you having to do periodic checks for this.
So this was my idea of an Easy Guide to Automating Your Microsoft Teams Membership. Hopefully, this can be of use within your organization, and thanks for taking the time to read this blog post. See you soon!