Azure Active Directory Create GROUPS with Powershell | NEW-AzureADGroup

Опубликовано: 29 Декабрь 2020
на канале: Paddy Maddy

3,019

Azure Active Directory Create Groups with Powershell | NEW-AzureADGroup

Use PowerShell to manage your groups in Azure Active Directory (Azure AD)

To create a new group in your directory, use the New-AzureADGroup cmdlet. This cmdlet creates a new security group called “Marketing"
New-AzureADGroup -Description "Marketing" -DisplayName "Marketing" -MailEnabled $false -SecurityEnabled $true -MailNickName "Marketing"

Group types:
Security. Used to manage member and computer access to shared resources for a group of users. For example, you can create a security group for a specific security policy. By doing it this way, you can give a set of permissions to all the members at once, instead of having to add permissions to each member individually. A security group can have users, devices, groups and service principals as its members and users and service principals as its owners. For more info about managing access to resources, see Manage access to resources with Azure Active Directory groups.
Microsoft 365. Provides collaboration opportunities by giving members access to a shared mailbox, calendar, files, SharePoint site, and more. This option also lets you give people outside of your organization access to the group. A Microsoft 365 group can have only users as its members. Both users and service principals can be owners of a Microsoft 365 group. For more info about Microsoft 365 Groups, see Learn about Microsoft 365 Groups.

Membership types:

Assigned. Lets you add specific users to be members of this group and to have unique permissions. For the purposes of this article, we're using this option.

Dynamic user. Lets you use dynamic membership rules to automatically add and remove members. If a member's attributes change, the system looks at your dynamic group rules for the directory to see if the member meets the rule requirements (is added) or no longer meets the rules requirements (is removed).

Dynamic device. Lets you use dynamic group rules to automatically add and remove devices. If a device's attributes change, the system looks at your dynamic group rules for the directory to see if the device meets the rule requirements (is added) or no longer meets the rules requirements (is removed).