locked
SharePoint Online User Management - Security Group Type RRS feed

  • Question

  • Hi All,

    We are planning to manage user permissions for SharePoint Online through security groups defined in on-premises active directory.

    We have a DirSync installation to allow us synchronize users and security groups to Azure Active Directory.

    We can then drive SharePoint online user groups through the Azure AD groups.

    The question is - What type of security group to be created in the on-premises AD i.e. Domain Local, Global or Universal?

    We have a single forest/single domain AD on-premises.

    Regards,

    Ajay Suri


    Wednesday, May 28, 2014 12:15 PM

All replies

  • I would recomment not to create any groups since that might conflict in future with sharepoint online users and groups and you would face a lot of problems.
    Wednesday, May 28, 2014 10:35 PM
  • Hi Ujjwal,

    We are not planning to touch standard SharePoint user groups.

    As I understand, SharePoint groups can consist of individual users or security groups.

    We are planning to have Azure AD security groups which will be members of respective SharePoint groups.

    These Azure AD security groups will be synchronized through corresponding security groups on-premises.

    Something like this -

    Group A (Active Directory) --DirSync--> Group A (Azure AD) --member of-- SharePoint Group A

    Group B (Active Directory) --DirSync--> Group B (Azure AD) --member of-- SharePoint Group B

    Regards,

    Ajay Suri




    Thursday, May 29, 2014 11:48 AM