How to create dynamic AzureAD groups based on the users Preferred Language

In AzureAD (P1) we can created dynamic group based on attributes , we can created both dynamic groups based on user and device attributes. In this blogpost I will show how to created dynamic groups based on the Preferred Language set on the user.

 

---

How to create dynamic groups from Azure Active Directory admin center:

Go to https://aad.portal.azure.com and click on the Azure Azure Active Directory – Groups

Click New group

1. Group type – Security
2. Group name – SEC-D-DA-DK (Use your company naming standard)
3. Membership type – Dynamic User
4. Click “Add dynamic query”

1. Add user where – PreferredLanguage
2. Equals
3. da-DK

When the dynamic query have run in AzureAD in the background you can see the members

---

How to set the PreferredLanguage with Powershell:

First install the MSOnline module

Install-Module MSOnline

Then connect to the Microsoft Online Service

Connect-MsolService

Use the following to set the Preferred Language

 

Set-MsolUser -UserPrincipalName ems3@osddeployment.dk -PreferredLanguage “sv-SE”
Set-MsolUser -UserPrincipalName ems4@osddeployment.dk -PreferredLanguage “da-DK”
Set-MsolUser -UserPrincipalName ems5@osddeployment.dk -PreferredLanguage “en-US”

---

 

How to to create Dynamic Groups based on the Preferred Language:

First install the AzureADPreview module

Install-Module AzureADPreview

Then connect to the AzureAD

$AzureAdCred = Get-Credential
Connect-AzureAD -Credential $AzureAdCred

Then you can create the dynamic AzureAD groups based on Preferred Language on the user object

 

New-AzureADMSGroup -Description “SEC-D-SV-SE” -DisplayName “SEC-D-sv-SE” -MailEnabled $false -SecurityEnabled $true -MailNickname “DYN” -GroupTypes “DynamicMembership” -MembershipRule “(user.preferredLanguage -startsWith “”se-SV””)” -MembershipRuleProcessingState “On”
New-AzureADMSGroup -Description “SEC-D-DA-DK” -DisplayName “SEC-D-da-DK” -MailEnabled $false -SecurityEnabled $true -MailNickname “DYN” -GroupTypes “DynamicMembership” -MembershipRule “(user.preferredLanguage -startsWith “”da-DK””)” -MembershipRuleProcessingState “On”
New-AzureADMSGroup -Description “SEC-D-EN-US” -DisplayName “SEC-D-en-US” -MailEnabled $false -SecurityEnabled $true -MailNickname “DYN” -GroupTypes “DynamicMembership” -MembershipRule “(user.preferredLanguage -startsWith “”en-US””)” -MembershipRuleProcessingState “On”