Hey Azure Team! I'm having a bit of trouble managing Cloud-based Security Groups in my Tenant. Although I've been granted both Group Administrator and User Administrator roles, I still can't seem to add or remove members from these groups.
Here's what's working fine:
- Group Administrators can manage their groups without any issues.
- Owners of the Security Groups can add or remove members as needed.
- O365 Groups are being managed fine with the same permissions.
- I can add or remove members of Cloud-based Security Groups through the O365 Admin Portal.
But here's where I'm stuck:
- User Administrators and Group Administrators can't manage Cloud-based Security Groups in the Azure Portal. This doesn't apply to On-Prem Active Directory or Mail Enabled Security Groups.
- It really seems like this limitation is only in the Azure Portal.
Is this behavior expected? I've searched through the official documentation, but I haven't found a clear answer yet.
1 Answer
Have you checked if the Cloud Security Groups are configured to allow admin role assignment? Sometimes groups need to be set up specifically for that type of management.
Yes, I believe the group has the roles assigned directly and they should be permanent as well.