How to create and add members to Azure Active Directory Group

by

In this azure active directory tutorial, we will discuss How to create a group and add members using Azure Active Directory. Also, we will discuss how to create a group in Azure Active Directory using PowerShell, Create a Security Group in Azure AD (Azure Active Directory), Add members to Azure AD Groups, Azure Add Member To Group, How to create a group in Azure Active Directory using PowerShell, Create Azure AD Groups PowerShell.

Along with this, we will also discuss, Update Azure AD Groups using PowerShell, Delete azure ad group PowerShell, PowerShell command to get azure ad group members, Remove azure ad group member PowerShell, Azure Active Directory Groups, etc.

How to create and add members to Azure Active Directory Group

Now, we will see how to create a group in Azure AD (Azure Active Directory) from the Azure portal.

Login to Azure Portal. Then click on Groups from the home page.

create group in azure ad

Or you can click on Azure Active Directory form the left navigation or click on Azure Active Directory from the Azure services section in the Azure portal.

Create a group in Azure Active Directory

Or you can login to Azure AD. Then click on Azure Active Directory like below:

how to Create a group in Azure Active Directory

Or you can directly click on Add a Group from the Quick tasks.

Azure Active Directory create group

On the Active Directory page, select Groups and then select New group

how to Create a group and add members in Azure Active Directory

In the New Group page, you will have to fill out the required information.

You can select the Group type as Office 365.

Create a Office 365 group in Azure active directory

Create a Security Group in Azure AD (Azure Active Directory)

To create the Security Group in Azure AD (Azure Active Directory), You need to follow the above steps and then You can select the Group type as Security from the New Group window.

Create a security group in Azure active directory

You can fill out the other required details.

Group type (required field). You can select a group type as Security or Office 365.  We can use the Security group to manage members and computer access to shared resources for a group of users at once.

you can also give a set of permissions to all the members at once instead of giving the permission individually.

We can use the Office 365 group to collaborate opportunities by giving members access to a shared mailbox, SharePoint site, calendar, files, etc.

  • Group name (required field). You can give a meaning full name to the group. It will verify in the back end if that name is available or else you will have to modify the group name.
  • Group email address (required field). You can mention a group email id or you can choose the default one. This option will visible in the case of Group type as Office 365.
  • Group description(Optional). You can give a description for your Group.
  • Membership type (required field). You can select a Membership type or it will auto-populate the option for you. Assigned-This helps you to add specific users to be members of this group and to have unique permissions.

Now click on the Create button.

If you will check now, your Group is created successfully.

create security group in azure ad

Add members to Azure AD Groups

Next, we will see how to add members to a Azure Active Directory (AD) groups.

Azure Add Member To Group

Now we can add the members to the group TsinfoGroup in my case.

Click on the group name -> Select the Members link from the left and then click on the Add Members button.

create security group in azure active directory

Now on the Add members window, Search for the users need to be added.Then click on Select button.

Add members to the existing group using Azure Active Directory

Now you can see Member added successfully.

Add members to the existing group in Azure Active Directory

This is how we can create a Group in Azure and can add the members to the group using Azure Active Directory.

How to create a group in Azure Active Directory using PowerShell

Let’s see how can we create a group and add members in Azure Active Directory using PowerShell.

Connect to the Azure Account

You must connect your PowerShell session first. Run the below command and enter your username and password.

PS C:\windows\system32> Connect-AzureAD
azure active directory create group powershell

You can see above the session connected Successfully

Retrieve the existing groups

You can use Get-AzureADGroups to get the list of groups present in your AD using the below command.

PS C:\windows\system32> get-azureadgroup
Retrieve existing groups from AzureAD using PowerShell

For specific group,You can use the -objectID parameter to retrieve 

PS C:\Windows\system32> get-azureadgroup -ObjectId 219b773f-bc3b-4aef-b320-024a2eec0b5b

Output will be

ObjectId                             DisplayName  Description                   
--------                             -----------  -----------                   
219b773f-bc3b-4aef-b320-024a2eec0b5b TSInfo Users This group is for TSInfo Users
Retrieve specific group from AzureAD using PowerShell

ObjectId 219b773f-bc3b-4aef-b320-024a2eec0b5b is the objectID for a specific group. In my case, it is TSInfo Users group.

Create Azure AD Groups PowerShell

You can create a group in your Active Directory (AD) using the New-AzureADGroup command.

PS C:\Windows\system32> New-AzureADGroup -Description "TsInfoGroupNew group is for TsInfo" -DisplayName "TsInfoGroupNew" -MailEnabled $false -SecurityEnabled $true -MailNickName "TsInfoGroupNew"

The output will be

ObjectId                             DisplayName    Description                       
--------                             -----------    -----------                       
23359f6d-850e-47e3-96b3-6ccae2ecb7bd TsInfoGroupNew TsInfoGroupNew group is for TsInfo

You can see below the group created successfully.

Create AD Groups using Powershell

Update Azure AD Groups using PowerShell

You can update the Azure Active Directory group information by using Set-AzureADGroup cmdlet.

For example, If we want to change the description for above group created.

PS C:\Windows\system32> Set-AzureADGroup -ObjectId 219b773f-bc3b-4aef-b320-024a2eec0b5b -Description "This group is TsInfoGroupNew"

This will change the description from TsInfoGroupNew to This group is TsInfoGroupNew.

Delete azure ad group PowerShell

To delete the specific Azure AD group you can use the below PowerShell command.

PS C:\Windows\system32> Remove-AzureADGroup -ObjectId 219b773f-bc3b-4aef-b320-024a2eec0b5b

ObjectId 219b773f-bc3b-4aef-b320-024a2eec0b5b is the objectID for a specific group.

Add azure ad group member PowerShell

Now our group TsInfoGroupNew is created, we can add members to the group

Add User to Azure Group PowerShell

We can use Add-AzureADGroupMember command to add the member to the group.

PS C:\Windows\system32> Add-AzureADGroupMember -ObjectId 23359f6d-850e-47e3-96b3-6ccae2ecb7bd -RefObjectId e09bfcd-36e9-47c2-a98c-cf19412540e6
Add members to the AD group using powershell.

Here, ObjectId parameter is the ObjectID of the group and the RefObjectId is the ObjectID of the user we want to add as a member.

PowerShell command to get azure ad group members

Now, we will see how to get azure ad group members using PowerShell.

We can get the members of the Azure AD group by using the Get-AzureADGroupMember cmdlet. 

 PS C:\Windows\system32> Get-AzureADGroupMember -ObjectId 219b773f-bc3b-4aef-b320-024a2eec0b5b

The output will be

ObjectId                             DisplayName UserPrincipalName                 UserType
--------                             ----------- -----------------                 --------
ee09bfcd-36e9-47c2-a98c-cf19412540e6 Bks Sahoo   bks@SPSkyTraining.onmicrosoft.com Member
Get members from specific AD group using PowerShell

Remove azure ad group member PowerShell

You can remove the member from Azure AD we previously added to the group by using the Remove-AzureADGroupMember cmdlet.

PS C:\Windows\system32> Remove-AzureADGroupMember -ObjectId f21bae22-8ac0-780c-bc37-udae0f3da61i -MemberId 63cd4ccd-1029-80a3-461d-032d3bfttttb

In this way, we can remove the member from the group.

Azure Active Directory Groups

Azure Active Directory Groups help you to manage access to the different application that includes both cloud-based and on-premises apps. Basically, it helps you manage the permissions, different roles, etc. Not only that, but it also helps you to provide permissions to manage different external apps such as SharePoint sites, Azure services, SaaS apps, etc.

You can create different types of groups like Security, Microsoft 365, etc. Along with this, you can also able to create different membership type like Assigned, Dynamic user, Dynamic device, etc.

How Many Groups Can We Create In Azure AD?

An Azure AD organization can have 5000 dynamic groups at max.

Azure AD Group Membership PowerShell

Check out an excellent article on Azure AD Group Membership PowerShell now.

You may like following Azure tutorials:

Conclusion

In this Azure tutorial, We discussed

  • How to create and add members to Azure Active Directory Group
  • Create a Security Group in Azure AD (Azure Active Directory)
  • Add members to Azure AD Groups
  • Create a group in azure active directory
  • How to add members to AD group in Azure Active Directory
  • How to create a group in Azure Active Directory using PowerShell
  • Create Azure AD Groups PowerShell
  • Add azure ad group member PowerShell
  • PowerShell command to get azure ad group members
  • Delete azure ad group PowerShell
  • Update Azure AD Groups using PowerShell

Hope you have enjoyed this article !!!