Create an Azure AD group
You can use the Active Roles Web Interface to create and enable a new Azure AD group.
To create a new Azure AD group
- On the Active Roles Web interface Navigation bar, click Directory Management.
- On the Views tab in the Browse pane, click Active Directory.
The list of Active Directory domains is displayed.
- Click the domain in which you need to create a new group.
- In the list of objects displayed, click the required Container or the Organizational Unit.
- In the Command pane, click New Group.
- In the General properties New Group in <OU name> wizard, enter the group details such as group name, pre-Windows 2000 group name, description, group scope, and group type.
Group scope provides the option to create a Global or Universal group, and Group type enables you to create a Security or Distribution group.
- Click Next.
- In the Create Azure Group wizard, select the option Create Azure Group.
Select the Tenant name from the Tenant list drop down. The Azure AD details for the new group are generated automatically and populated in the respective fields.
|
NOTE: To set values for additional properties in the General Properties wizard, select the check-box corresponding to Open properties for this object when I click Finish |
- Click Finish.
|
NOTE: : In Federated or Synchronized environments, Azure AD group creation is not supported. The group is created in Active Roles and is synchronized eventually to Azure using Microsoft Native tools, such as AAD Connect. To manage the Azure AD group through Active Roles, you must perform periodic back-synchronization to on-premise AD. |
View or modify Azure AD group
View or modify Azure AD group properties
For an existing Azure AD group, you can use the Active Roles Web Interface to view or modify the properties.
To view or modify the Azure AD group properties
- On the Active Roles Web interface Navigation bar, click Directory Management.
- On the Views tab in the Browse pane, click Active Directory.
The list of Active Directory domains is displayed.
- Click the specific domain, Container or the Organizational Unit, and then the specific group for which you want to view or update the Azure AD group properties.
- In the Command pane, click Azure properties.
The Azure Properties wizard for the group account is displayed.
- Use the tabs in the Azure Properties wizard to view or modify properties of the Azure AD group.
- After setting all the required properties, click Save.
Add or remove members to AD group
Add or remove members to an Azure AD group
You can use the Active Roles Web Interface to add or remove members from an Azure AD group.
To add a member to an Azure AD group
- On the Active Roles Web interface Navigation bar, click Directory Management.
- On the Views tab in the Browse pane, click Active Directory.
The list of Active Directory domains is displayed.
- Click the specific domain, Container or the Organizational Unit, and then the specific group to which you want to add members.
- Select the check-box corresponding to the Azure AD group and in the Command pane click Members.
The existing member information for the group is displayed.
- In the <Group> (objects found) wizard, click Add to add a user to the group.
- In the Select Object wizard, search and select the members you want to add to the group.
|
NOTE: Click Temporal Membership Settings to specify the date and time when the selected members should be added or removed from the group. |
- Click OK.
The <Group> (objects found) wizard displays all the members that are added to the group.
To remove a member from an Azure AD group
- On the Active Roles Web interface Navigation bar, click Directory Management.
- On the Views tab in the Browse pane, click Active Directory.
The list of Active Directory domains is displayed.
- Click the specific domain, Container or the Organizational Unit, and then the specific group from which you want to remove a member.
- Select the check-box corresponding to the member and in the Command pane click Members.
The existing member information for the group is displayed.
- In the <Group> (objects found) wizard, select the member to be removed and click Remove.
A message prompts you to confirm the action.
- Click Yes to continue.
The member information is removed from the <Group> (objects found) wizard.
View the Change History Ad group
View the Change History for an Azure AD Group
You can use the Active Roles Web Interface to view the Change History for an Azure AD group.
To view the Change History of an Azure AD group
- On the Active Roles Web interface Navigation bar, click Directory Management.
- On the Views tab in the Browse pane, click Active Directory.
The list of Active Directory domains is displayed.
- Click the specific domain, Container or the Organizational Unit, and then the specific user.
- In the Command pane, click Change History.
The information on changes that were made to the group properties through Active Roles is displayed.