AD Security
About the Author: Manish Luhana
Microsoft business applications specialist and certified trainer.
Categories: Customer Engagement, Dynamics 3650 CommentsPublished On: 30 March 2022


Microsoft Office 365 security groups can be used as a team in Dynamics 365. This makes it easier to allocate duties to teams rather than individuals. We may also utilise the same security group in other applications such as OneDrive, SharePoint, and so on.

Microsoft 365 groups and AAD security teams will be discussed in this blog.

In the Microsoft 365 Admin centre, there are two types of Active Directory groups.

  • Microsoft 365
  • Microsoft 365 allows you to collaborate by creating a group email. Microsoft teams can be added for group conversations, files, and calendars. 
  • Security
  • As we all know, Active Directory contains users and groups, and they are used as a team in Dynamics 365 to govern access to OneDrive and SharePoint.AD-Security-1

Environmental Action Group (AD Group)

First, we must create a group that will provide users access to a specific environment.


  1. In the Microsoft 365 Admin centre, create an AD group.
  2. Select the environment in Power Platform Admin.
  3. In the Details section, click “Edit.”
  4. Assign only one security group to this environment.
  • Note: This can be a Microsoft 365 or a Security group.

If users are added to that group, they will be able to access the Dynamics 365 environment. This is a simple technique to limit which users have access to specific environments. 

Teams in Dynamics 365

We have a few different types of teams in Dynamics 365.

  1. Ownership groups
  2. Teams with Access
  3. Teams are organised into groups.

Owner teams function similarly to users, with the ability to own records and perform security functions. When a case is created, for example, the record is allocated to the team rather than the user.

Access teams are constituted and disbanded on a regular basis. This usually arises when there aren’t any clear criteria for identifying the teams, such as a defined territory, product, or volume. Sales agents, for example, have access to case records for the customers with whom they work.  

The teams are divided into two groups. An Azure AD group team, like an owner team, can own records and have security roles assigned to it. An AD Group is related to a group of teams.

Security Group in Active Directory

We’re talking about how an AD security group will be used in Dynamics 365 as a Team.

The graphic below depicts how Dynamics 365 Teams function with AD groups.


The processes to forming a team can be found here.

1: First, we must build a Security group in Active Directory.
create Security group in AD

2: Assign that group to the appropriate user(s).

  • Select the security group name on the Groups page
  • On the Members tab, select “View all and manage members”.
  • In the group pane, select “Add members” and choose the person from the list or type the name of the person you want to add in the Search box, and then select Save.

3: In D365, copy the Object ID for the Security Group and create a Team.

  • Go to to get started.
  • Look for “Groups” in the search box (Azure Service)
  • Copy the object id from the Security group.

4: Assign roles to the members of the group (Classic Step)

Assign user(s)

Members of your team aren’t displaying… Why…

You may have observed that team members do not appear on teams.

team members in group

5: Use a new user to access the application, and the member should appear.

A user was automatically added to D365, but no roles were assigned. Permission has obviously been granted through group teams.

“Each Azure AD group can only have one group team per environment, and the group team’s Azure AD Object Id cannot be changed once it’s been formed.”

tech mentor sidebanner
  • Continue reading
  • Continue reading
  • Continue reading
  • Continue reading
  • Continue reading

Leave A Comment