TechQA.

Azure AD dynamic groups membership

260 views Asked by At

I need help with creating a AzureAD Group that collects all the users with Manager or Director in the job title, BUT NOT anyone with "Case Manager", "Lead Case Manager" or "Housing Manager" in the job title. I have tried everything can anyone help?

 $groupName = "DynamicManagersGroup"
>> $groupDescription = "Dynamic Group for Managers"
>> $includedJobTitles = @("Manager", "Director")
>> $excludedJobTitles = @("Case Manager", "Lead Case Manager", "Housing Case Manager")
>>
>> $includedExpression = ($includedJobTitles | ForEach-Object { "[JobTitle] -contains '$_'" }) -join " -or "
>> $excludedExpression = ($excludedJobTitles | ForEach-Object { "[JobTitle] -contains '$_'" }) -join " -or "
>>
>> $dynamicMembershipRules = "(user." + $includedExpression + ") -and (-not (user." + $excludedExpression + "))"
>>
>> New-AzureADMSGroup -DisplayName $groupName -Description $groupDescription -MembershipRuleEvaluationType Dynamic -MembershipRuleFilterType Include -MembershipRule $dynamicMembershipRules
>>
New-AzureADMSGroup:
Line |
  11 |  …  -Description $groupDescription -MembershipRuleEvaluationType Dynamic …
     |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | A parameter cannot be found that matches parameter name 'MembershipRuleEvaluationType'
azure-active-directory group-membership
Original Q&A
1

There are 1 answers

0
Venkat V On

I need help with creating a AzureAD Group that collects all the users with Manager or Director in the job title, BUT NOT anyone with "Case Manager", "Lead Case Manager" or "Housing Manager" in the job title. I have tried everything can anyone help?

Here is the updated Powershell Script to add only if the Job Title matches Manager or Director not anyone with Case Manager, Lead Case Manager or Housing Manager in the job title.

    $GroupName = "DynamicManagersGroup"
    $groupDescription = "Dynamic Group for Managers and Directors"
    $GroupNickname = "DynamicGroup"
    $DynamicGroupQuery = "(user.jobTitle -match ""Director"") or (user.jobTitle -match ""Manager"")"
    
    $DyamicGroup = New-AzureADMSGroup -Description "$($groupDescription)" -DisplayName "$($GroupName)" -MailEnabled $false -SecurityEnabled $true -MailNickname "$($GroupNickname)" -GroupTypes "DynamicMembership" -MembershipRule "$($DynamicGroupQuery)" -MembershipRuleProcessingState "Paused"
     
    #Set the Dynamic Azure Active Directory Group to Sync
    Set-AzureADMSGroup -Id $DyamicGroup.Id -MembershipRuleProcessingState "On"

Output:

enter image description here

After running the above script, if a user's job title matches Manager or Director, they will be automatically added to the group as shown below.

enter image description here

Related Questions in AZURE-ACTIVE-DIRECTORY

Related Questions in GROUP-MEMBERSHIP

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions