Azure Active Directory Group Licensing Assignment Now Available

Microsoft now permits Azure Active Directory licensing to be assigned based on groups within an organization.

It may seem surprising, but the ability to assign licenses to groups of users is only just now at the "general availability" stage, according to a Microsoft Friday announcement. The general availability nomenclature signifies that Microsoft deems Azure AD group licensing assignment as being ready for production use by organizations.

Group assignment is perhaps a less tedious approach for organizations with lots of Azure AD end users to manage. Previously, IT pros could only assign Azure AD licenses individually, and if they wanted to then associate those licenses with certain groups within the organization, then they'd have to use PowerShell scripts, according to Microsoft's general document on Azure AD group-based licensing.

Microsoft's group-based licensing for Azure AD automates this process without using PowerShell scripts, per the document:

Any new members who join the group are assigned the appropriate licenses. When they leave the group, those licenses are removed. This eliminates the need for automating license management via PowerShell to reflect changes in the organization and departmental structure on a per-user basis.

Microsoft's document suggested that organizations won't get double-licensed with the Azure AD group licensing approach.

"If a user is assigned same license from multiple sources, the license will be consumed only once," the document explained.

Right now, one requirement for using this feature is that the groups must be assigned using the Azure Portal. Here's how Microsoft described it:

Group-based licensing is currently available only through the Azure portal. If you primarily use other management portals for user and group management, such as the Office 365 portal, you can continue to do so. But you should use the Azure portal to manage licenses at group level.

The steps to take when using the Azure Portal to assign group licensing are described in this Microsoft document.

It's possible to disable particular services when assigning a license to a group, which might be done if an organization isn't ready to use that service. Microsoft's example is disabling Yammer. It gets done using a toggle button.

The new group licensing assignment capability is available for organizations that have a paid or trial subscription to Azure AD Basic, Office 365 Enterprise E3, Office 365 A3 or higher subscription plans, and it'll work with other Microsoft services that have "user-level licensing." It can also be used when organizations have their local Active Directory synchronized with Azure AD via Microsoft's Azure AD Connect service.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • OneDrive Users To Get Storage Options, Plus New Personal Vault

    Microsoft announced a few OneDrive enhancements, including storage-option additions, plus a new "Personal Vault" feature for added security assurance.

  • Cloud Services Starting To Overtake On-Prem Database Management Systems

    Database management system (DBMS) growth is happening more on the cloud services side than on the traditional "on-premises" side, according to a report by Gartner Inc.

  • How To Replace an Aging Domain Controller

    If the hardware behind your domain controllers has become outdated, here's a step-by-step guide to performing a hardware refresh.

  • Azure Backup for SQL Server 2008 Available at Preview Stage

    Microsoft added the option of using the Azure Backup service to provide recovery support for SQL Server 2008 and SQL Server 2008 R2 when those workloads are hosted on Azure virtual machines.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.