Managing Hybrid AD Groups
Active Roles lets you perform administrative tasks on groups in Azure Active Directory (Azure AD), such as creating, reading, updating, and deleting them, through the web interface. You can also perform other operations, such as adding members to and removing members from Azure AD groups. Some group operations can be performed using the Management Shell in addition to the web interface. The following section guides you through using the Active Roles web interface and Management Shell to manage Azure AD groups.
Azure AD Group management UI
Azure AD group management tasks using the Web interface
Active Roles enables you to perform the following management tasks for Azure AD groups:
NOTE: When Azure is configured for the first time, Office 365 Groups are not listed under the Office 365 Group container. Refresh the page to resolve the issue.
Create an Azure AD group
You can use the Active Roles Web Interface to create and enable a new Azure AD group.
To create a new Azure AD group
- On the Active Roles Web interface Navigation bar, click Directory Management.
- On the Views tab in the Browse pane, click Active Directory.
The list of Active Directory domains is displayed.
- Click the domain in which you need to create a new group.
- In the list of objects displayed, click the required Container or the Organizational Unit.
- In the Command pane, click New Group.
- In the General properties New Group in <OU name> wizard, enter the group details such as group name, pre-Windows 2000 group name, description, group scope, and group type.
Group scope provides the option to create a Global or Universal group, and Group type enables you to create a Security or Distribution group.
- Click Next.
- In the Create Azure Group wizard, select the option Create Azure Group.
Select the Tenant name from the Tenant drop-down list. The Azure AD details for the new group are generated automatically and populated in the respective fields.
NOTE: To set values for additional properties in the General Properties wizard, select the check box corresponding to Open properties for this object when I click Finish.
- Click Finish.
NOTE: In Federated or Synchronized environments, Azure AD group creation is not supported. The group is created in Active Roles and is eventually synchronized to Azure using Microsoft native tools, such as AAD Connect. To manage the Azure AD group through Active Roles, you must perform periodic back-synchronization to on-premises AD.
View or modify Azure AD group
View or modify Azure AD group properties
For an existing Azure AD group, you can use the Active Roles Web Interface to view or modify the properties.
To view or modify the Azure AD group properties
- On the Active Roles Web interface Navigation bar, click Directory Management.
- On the Views tab in the Browse pane, click Active Directory.
The list of Active Directory domains is displayed.
- Click the specific domain, Container or the Organizational Unit, and then the specific group for which you want to view or update the Azure AD group properties.
- In the Command pane, click Azure properties.
The Azure Properties wizard for the group account is displayed.
- Use the tabs in the Azure Properties wizard to view or modify properties of the Azure AD group.
- After setting all the required properties, click Save.