Forum Discussion
insufficient privileges to remove member out of security group - im global admin
Hi all,
Was wondering if you can help. I am a global admin and I cant seem to remove users out of this security group:
Any ideas why I would get this message?
- Check the Security group type as set to "Dynamic Users" or "Dynamic device" type and then navigate to the group if suppose Dynamic User type where you have to validate Dynamic membership rules property defined to query from AD
https://techcommunity.microsoft.com/t5/itops-talk-blog/dynamic-groups-in-azure-ad-and-microsoft-365/bc-p/2269553#M1563- The "add expression" is greyed out for me?
- If your GA privileged apparently it should work for you. May I know what is the group type is that Dynamic Users" or "Dynamic device" and also share the Dynamic membership rules property screenshot to understand what was configured in Group dynamic to feed further. Thanks!
- Seems your screenshot looks that the group type is Dynamic, by theory this option.,
Dynamic user. Lets you use dynamic membership rules to automatically add and remove members. If a member's attributes change, the system looks at your dynamic group rules for the directory to see if the member meets the rule requirements (is added) or no longer meets the requirements of the rule (is removed).- I literally signed up just to thank you, this was so useful and so informative, helped fixed my issue. Thank you!
Hi thanks for this. So I need to remove one member who shouldn't be apart of the group.
How do I do this
This is the rule syntax:
(user.extension_fe2174665583431c953114ff7268b7b3_Education_ObjectType -eq "Teacher")
