For years, our organisation utilised on-premise Active Directory Groups to manage Adobe software licensing distribution and allocation. The group membership was kept updated through regularly synced ETL processes (using Azure functions) containing the necessary business logic.
With the ability to allocate Creative Cloud licensing through an AAD Group, we transitioned from ETL to Dynamic Groups.
The AAD in question had users dispersed across several OUs, managed by an external HR process. The task was to locate all users within the tenancy and filter them based on Job Role, Office Location, and Account Status to find the appropriate staff.
(user.accountEnabled -eq true)
and (user.displayName -notContains "(Student)")
and (user.employeeId -ne null)
and (user.jobTitle -ne null)
and (user.mail -contains "@<UniversityName>.ac.uk")
and (user.department -ne "Agency Worker") Dynamic Azure Active Directory (AAD) Groups are a great solution for managing software licensing. With the use of Dynamic AAD Groups, administrators can automate the process of assigning and revoking licenses to users based on certain conditions.
Dynamic AAD Groups provide significant benefits such as automation, cost-effectiveness, compliance, and visibility. By using Dynamic AAD Groups, administrators can simplify the license management process and ensure that the correct licenses are assigned to the right users.