How To Assign Users To Azure Active Directory Groups

How To Assign Users To Azure Active Directory Groups

Groups in Azure Active Directory are used to manage access to various resources in Azure. Assigning users in Azure AD to groups is done by direct assignment, group assignment, or rule-based assignment. A group owner can let users join groups by choice rather than by assignment. Depending on how the group was set up, the admin may need to approve or decline new members. In this tutorial, we’ll look at how to create a group in Azure Active Directory as well as how to assign users to that group.


Create A Group In Azure AD

In order to add users to groups, first, we need a group. In the Overview of Azure Active Directory, click on Groups.

azure ad create group


Now we click on New Group

new group in azure ad


Before you can click Create, you need to specify the Group Type, Group Name, and Group Description like we see here.

azure new group settings


If everything goes well, we now have a new DevOps group in the All groups menu of Azure AD.

azure devops group successful creation


Direct Assignment To Azure AD Group

Currently, there are no members in the group. Notice the Add members button along the top row.

empty group in azure


When we click that Add members button, we can search for any users to add.

select member for azure group


Selecting the user we want should give us notifications of success.

azure member successfully added to group


Cool Dood is now in the DevOps group as we can see, but let’s remove him right away so we can test the Dynamic assignment.

new user in group


Dynamic Assignment To Azure AD Group

In the Properties menu of the Manage area of the group we can change the Membership type to Dynamic User and add a dynamic query.

azure groups devops properties


Custom rules using property, operator, and value can be set up here.

azure group dynamic membership rules

Once the rules are saved a message appears: “After changing the group type, the existing membership may change based on the dynamic membership rule you provide. Click Yes to continue and provide the new membership rule for this group.”


There are many options for a dynamic assignment using the Dynamic membership rules of the group.

dynamic membership rules azure groups


How To Assign Users To Azure Active Directory Groups Summary

Groups are a key aspect of managing teams and resources in Azure Active Directory. There are a few ways to manage users in Groups and in this tutorial we learned about how to create a group in Azure AD, how to add users by assignment, how to remove a user, and also how to add users by dynamic assignment.