M365Corner

🔧 New: User Management Graph PowerShell Toolkit

Simplify user tasks like bulk creation, updates, password resets, deletions, license checks & more — all from one place.

🚀 Launch Toolkit
M365 PowerShell

Creating Microsoft 365 Dynamic Groups Using Graph PowerShell

Managing group memberships manually can be time-consuming and error-prone. Microsoft 365 Dynamic Groups solve this by automatically managing group membership based on defined rules. In this article, you'll learn how to create and manage dynamic groups using Microsoft Graph PowerShell.


What are Microsoft 365 Dynamic Groups?

Microsoft 365 Dynamic groups automatically include members based on rules you define. These rules evaluate user or device attributes (like department, job title, or OS type) and update group membership accordingly.


Creating a Dynamic Group Using Graph PowerShell

Use the following PowerShell snippet to create a dynamic group based on the user's department:

$params = @{
    DisplayName = "R&D Users"
    Description = "Users in the R&D department"
    MailNickname = "RDUsers"
    MailEnabled = $false
    SecurityEnabled = $true
    GroupTypes = @("DynamicMembership")
    MembershipRule = '(user.department -eq "R&D")'
    MembershipRuleProcessingState = "On"
}
New-MgGroup -BodyParameter $params

âś… This creates a dynamic security group that auto-adds users from the R&D department.

Note: MembershipRule and MembershipRuleProcessingState properties attributes is what sets Microsoft 365 Dynamic Groups apart from non-dynamic groups.

  • MembershipRule – defines the rule to be applied to the group being created. In the above example, it is set to users of department “R&D” (user.department -eq “R&D”).
  • MemberShipRuleProcessingState – takes value On. Passing On turns a group dynamic.

Viewing a Dynamic Group's Rule

To inspect the dynamic membership rule of an existing group:

Get-MgGroup -GroupId "" | Select-Object DisplayName, MembershipRule, MembershipRuleProcessingState

📌 Replace with your group’s actual object ID.


Updating Dynamic Group's Rule

Need to change the rule? For example, switch to users in the Engineering department:

$updateParams = @{
    MembershipRule = '(user.department -eq "Engineering")'
    MembershipRuleProcessingState = "On"
}
Update-MgGroup -GroupId "" -BodyParameter $updateParams

⚠️ This will re-evaluate membership based on the new rule.


Summary

Dynamic groups make it easy to automate membership based on organizational attributes. With Microsoft Graph PowerShell, you can create, view, and update these groups efficiently—ideal for IT admins looking to simplify access management.


Table of Contents

X

Table of Contents

Graph PowerShell Explorer Widget

20 Graph PowerShell cmdlets with easily accessible "working" examples.


Permission Required

Example:


                

                

                

                

                

            

        

    


 
            

        

    

    
    
    
    

        

            © m365corner.com. All Rights Reserved.
            Design by HTML Codex