locked
Dynamic AD Security Groups RRS feed

  • Question

  • I have done some reading and it looks like Active Directory now supports "Dynamic" Security Groups, but there is no GUI interface to actually create them. I have found several demonstrations on creating a dynamic security group by using LDIFDE. I know these do not work like exchange dynamic groups, but I would still like to know how to do this with PowerShell. Can anyone help?

    Friday, September 6, 2019 3:14 PM

All replies

  • Currently there is no method for doing this in PowerShell.  Use the GUI as it is a on-time task that does not require scripting.


    \_(ツ)_/

    Friday, September 6, 2019 3:40 PM
  • If it helps, here is a link for a PowerShell script to update a dynamic AD group:

    https://gallery.technet.microsoft.com/Update-Dynamic-Group-with-77989a94

    The script can be run periodically, perhaps as a scheduled task. It will remove users that do not meet the specified conditions, and add users that do meet the conditions. It only updates what is necessary, to reduce replication traffic. Note the configuration section where you specify the conditions to be met for group membership.


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Friday, September 6, 2019 5:05 PM
  • In Azure AD there is a GUI to create "Dynamic Security Groups".  

    In AD there are really no "dynamic" security groups but a script can be scheduled to periodically repopulate a security group.

    There are also third party extensions to AD that can create and maintain dynamic groups via the GUI.

    https://activedirectoryfaq.com/2013/12/active-directory-establishing-dynamic-security-groups/


    \_(ツ)_/

    Friday, September 6, 2019 5:18 PM
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Lee


    Just do it.

    Friday, October 4, 2019 8:26 AM