Create an Azure AD Dynamic Group for Automatic User Addition | MS-500 Exam Answer

Create an Azure AD Dynamic Group for Automatic User Addition

Prev Question Next Question

Question

You have a Microsoft 365 subscription and Azure AD on the Premium P1 tier.

You are planning license allocation and want to create a group that will automatically add all users from the Sales-department.

What kind of group in Azure Active Directory should you create?

Answers

A. Group type: Security, Membership type: Assigned

B. Group type: Security, Membership type: Dynamic Device

C. Group type: Security, Membership type: Dynamic User

D. Group type: Microsoft 365, Membership type: Assigned.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: C

You should create a security group with the dynamic user membership type, and add the dynamics query:

New Group

Group type * ©
Security

Group name * ©

‘whizlabs licensing v

Group description ©

Enter a description for the group

‘Azure AD roles can be assigned to the group (Preview) ©

Membership type* ©

Dynamic User vy

‘Owners

No owners selected

Dynamic user members * ©

‘Add dynamic query

Rule syntax
fuser.department -eq Sales")

Option A is incorrect.

Assigned membership type will not automatically assign your licenses based on a query.

Option B is incorrect.

We are using the attribute “department” which is associated with the Azure AD user, not device.

Option D is incorrect.

For assigning licenses we should use a Security group, not Microsoft 365

Also the membership type is Assigned, which will not let us create a query to assign licenses based on department information.

To know more about Azure AD dynamics groups, please refer to the link below:

To automatically add all users from the Sales-department in Microsoft 365 subscription and Azure AD, we need to create a dynamic group. A dynamic group is a group in Azure Active Directory whose membership is determined based on defined rules, rather than manually adding or removing users. Dynamic groups can be created based on user attributes such as department, job title, location, etc.

Out of the given options, the suitable group type for this scenario would be "Security" as it is used to manage security-related settings such as access control, conditional access, and device policies. Membership type should be "Dynamic User" as we want to automatically add all users from the Sales-department based on the user attribute.

So, the correct answer is option C: Group type: Security, Membership type: Dynamic User.

Option A (Group type: Security, Membership type: Assigned) is not suitable for this scenario as it requires manual assignment of users, and it is not practical for large organizations or frequent changes in user membership.

Option B (Group type: Security, Membership type: Dynamic Device) is also not suitable as it adds devices dynamically based on the rules and not users.

Option D (Group type: Microsoft 365, Membership type: Assigned) is not appropriate as we need a security group to manage security settings.

Prev Question Next Question