To create a dynamic group containing all Azure AD Premium users:
- In a browser, visit Microsoft Entra (Azure Active Directory) at https://entra.microsoft.com/ and sign-in with a Global or User Administrator account.
- Expand Groups then click All groups. Click New group.
-
In Group type ensure Security is selected. In Group name and Group description enter a suitable name and description for the group. For Azure AD roles can be assigned to the group, select No. In Membership type ensure Dynamic User is selected. Add an Owner to the group and then click Add dynamic query.
-
Click Edit above the Rule syntax box.
-
In the Edit rule syntax blade, under Rule syntax, enter the below statement then click OK.
(user.userPrincipalName -match "^[A-Z0-9._%+-]+@domainname.com")
Replacing "domainname.com" with the UPN domain name you want to match. - The rule syntax will be added. If you want to test the rule, click Validate Rules (Preview).
- Click Add Users and then select a mixture of users that do and do not have Azure AD licenses assigned to them. When a number of users have been added to the Selected users section of the Add users blade, click Select.
- The users you have selected will then be evaluated against the syntax and display whether they match.
- Click Save to complete editing the dynamic query.
- Back at the New Group page, click Create to save the dynamic user group.
Microsoft Entra may take a few minutes to populate the members of a newly created dynamic user group.
Comments
0 comments
Please sign in to leave a comment.