I am trying to create a dynamic group in Entra ID of users

Question

Good afternoon.

I am trying to create a dynamic group in Entra ID of users who have the Microsoft Office Business Premium license.  I have tried in the Groups area of Entra ID using the rule creation interface (assignedPlans.serviceID) and in Powershell using commands in the Microsoft Graph library. Nothing works, I get errors saying properties aren't supported or I get way too many results for a single user and single sku.

 

Has anyone successfully done this? I have the SKU and the SKU ID. 

Answer 1

Follow https://learn.microsoft.com/en-us/answers/questions/1532030/entra-id-dynamic-security-group-based-on-account-a

---

If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

hth

Marcin

Answer 2

@D E Thanks for posting in our Q&A.

Based on my research, the rule may be:

(user.assignedPlans -any (assignedPlan.servicePlanId -eq "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" -and assignedPlan.capabilityStatus -eq "Enabled"))

For more details, please refer to the following link:

https://cloudyhappypeople.com/2019/06/26/create-a-dynamic-rule-based-on-user-license-plan/

Note: Non-Microsoft link, just for the reference.

In addition, we can skip the PowerShell section in the above link to find the ServiceplanID info by going to this Microsoft Page. https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/licensing-service-plan-reference

Hope it will help.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.