1

I am new to Azure and I am trying to create a dynamic Azure Ad group through PowerShell by following below cmdlet:

New-AzureADMSGroup -DisplayName "GroupName" -Description "Des" -MailEnabled $False -MailNickname "Mail" -SecurityEnabled $True  -GroupTypes "Dynamic"

But I am getting the below error:

New-AzureADMSGroup : Error occurred while executing NewMSGroup
Code: Request_BadRequest
Message: Invalid value specified for property 'groupTypes' of resource 'Group'.
InnerError:
  RequestId: 419e641b-a15a-4417-840c-ce30a3541d8d
  DateTimeStamp: Wed, 15 Jun 2022 05:25:33 GMT
HttpStatusCode: BadRequest
HttpStatusDescription: Bad Request
HttpResponseStatus: Completed
At line:1 char:1
+ New-AzureADMSGroup -DisplayName "Testgroup1" -Description "Group assi ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [New-AzureADMSGroup], ApiException
    + FullyQualifiedErrorId : Microsoft.Open.MSGraphBeta.Client.ApiException,Microsoft.Open.MSGraphBeta.PowerShell.NewMSGroup

I am following this Microsoft Document:

New-AzureADMSGroup (AzureAD) | Microsoft Docs

I tried to modify the command like below:

New-AzureADMSGroup -DisplayName "GroupName" -Description "Des" -MailEnabled $False -MailNickname "Mail" -SecurityEnabled $True  -GroupTypes "DynamicGroup"

But it did not work. I am still getting the same error.

How to create dynamic Azure Ad group? Did anyone face the same issue?

Chaitra K V
  • 25
  • 4
  • Replace **`GroupTypes`** value to "DynamicMembership" and check if it works. – Rukmini Jun 17 '22 at 08:47
  • Thanks but I am getting this error now: "A value is required for property 'membershiprule' " – Chaitra K V Jun 17 '22 at 09:00
  • Try this : New-AzureADMSGroup -DisplayName "GroupName" -Description "Des" -MailEnabled $False -MailNickname "Mail" -SecurityEnabled $True -GroupTypes "DynamicMembership" -MembershipRule "(YourRule)" -MembershipRuleProcessingState "On" – Rukmini Jun 17 '22 at 09:09

2 Answers2

1

I tried to reproduce the same in my environment and I am able to create dynamic group successfully like below:

To create Dynamic group, make use of below PowerShell script:

New-AzureADMSGroup -DisplayName "RukminiGroup" -Description "Dynamic group" -MailEnabled $False -MailNickName "Ruk" -SecurityEnabled $True -GroupTypes "DynamicMembership" -MembershipRule "(user.department -contains ""IT"")" -MembershipRuleProcessingState "On"

By executing the above script, the Dynamic group created successfully like below:

enter image description here

enter image description here

Reference:

Azure AD Group Membership PowerShell - Azure Lessons by Bijay Kumar.

Rukmini
  • 6,015
  • 2
  • 4
  • 14
0

Could you please confirm if you have the AzureADPreview module installed?

-GroupTypes Specifies that the group is a unified or dynamic group.

Notes:

This parameter currently cannot be used to create dynamic groups. To create a dynamic group in PowerShell, you must use the Azure AD Preview module.

The correct commandlet is as below.

New-AzureADMSGroup -DisplayName "Dynamic Group 01" -Description "Dynamic group created from PS" -MailEnabled $False -MailNickname "group" -SecurityEnabled $True -GroupTypes "DynamicMembership" -MembershipRule "(user.department -contains ""Marketing"")" -MembershipRuleProcessingState "On"
Shabarinath
  • 132
  • 8
  • I already have AzureADPreview module installed. I confirmed it by checking Get-Module cmdlet. – Chaitra K V Jun 17 '22 at 08:55
  • The commandlet needs to be adjusted. Groutype needs to have DynamicMembership as the value. And also needs to have MembershipRule. I have edited the actual response with the right commandlet. Please give a try. – Shabarinath Jun 17 '22 at 09:17