You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# Validate a dynamic group membership rule (preview) in Azure Active Directory
20
20
21
-
Azure Active Directory (Azure AD), part of Microsoft Entra, now provides the means to validate dynamic group rules (in public preview). On the **Validate rules** tab, you can validate your dynamic rule against sample group members to confirm the rule is working as expected. When creating or updating dynamic group rules, administrators want to know whether a user or a device will be a member of the group. This helps evaluate whether user or device meets the rule criteria and aid in troubleshooting when membership is not expected.
21
+
Azure Active Directory (Azure AD), part of Microsoft Entra, now provides the means to validate dynamic group rules (in public preview). On the **Validate rules** tab, you can validate your dynamic rule against sample group members to confirm the rule is working as expected. When you create or update dynamic group rules, you want to know whether a user or a device will be a member of the group. This knowledge helps you evaluate whether a user or device meets the rule criteria and help you troubleshoot when membership isn't expected.
22
22
23
23
## Prerequisites
24
-
To use the evaluate dynamic group rule membership feature, the administrator must have one of the following rules assigned directly: Global Administrator, Groups Administrator, or Intune Administrator.
24
+
To evaluate the dynamic group rule membership feature, the administrator must have one of the following rules assigned directly: Global Administrator, Groups Administrator, or Intune Administrator.
25
25
26
26
> [!TIP]
27
27
> Assigning one of required roles via indirect group membership is not yet supported.
28
28
>
29
29
30
30
## Step-by-step walk-through
31
31
32
-
To get started, go to **Azure Active Directory** > **Groups**. Select an existing dynamic group or create a new dynamic group and click on Dynamic membership rules. You can then see the **Validate Rules** tab.
32
+
To get started, go to **Azure Active Directory** > **Groups**. Select an existing dynamic group or create a new dynamic group and select **Dynamic membership rules**. You can then see the **Validate Rules** tab.
33
33
34
34
35
35
36
36
On **Validate rules** tab, you can select users to validate their memberships. 20 users or devices can be selected at one time.
37
37
38
38
39
39
40
-
After choosing the users or devices from the picker, and **Select**, validation will automatically start and validation results will appear.
40
+
After you select users or devices from the picker, and **Select**, validation will automatically start and validation results will appear.
41
41
42
42
43
43
44
-
The results tell whether a user is a member of the group or not. If the rule is not valid or there is a network issue, the result will show as **Unknown**. In case of**Unknown**, the detailed error message will describe the issue and actions needed.
44
+
The results tell whether a user is a member of the group or not. If the rule isn't valid or there's a network issue, the result will show as **Unknown**. If the value is**Unknown**, the detailed error message will describe the issue and actions needed.
45
45
46
46
47
47
48
-
You can modify the rule and validation of memberships will be triggered. To see why user is not a member of the group, click on "View details" and verification details will show the result of each expression composing the rule. Click**OK** to exit.
48
+
You can modify the rule and validation of memberships will be triggered. To see why user isn't a member of the group, select **View details** and verification details will show the result of each expression composing the rule. Select**OK** to exit.
0 commit comments