Azure AD – You can now validate your dynamic group membership

As you know you can create dynamic group membership in Azure Active Directory to automatically add/remove group members (either users or devices) based on rules.

Sometime you may not be totally sure about the result and it is frustrating to have to wait before being able to validate it.

Well, good news, you can now validate and verify your dynamic group membership rule directly from the portal without wait

To start using it, logon to either your Azure portal ( or your Azure AD portal ( and reach the Azure Active Directory\Groups\All groups blade


Then either create a new dynamic group or edit an existing one; you will find the Validate Rules option on top of the rule section


From there you can add either one or more user or device (depending if this is a user group or device group) to validate your rule

image_thumb[2]  image_thumb[3]

After the rule is validated against the selected user or device, you can access the details to find why the user or device are (or are not) added as member of this group


Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies