Restrict User Access to a D365 instance using Security Groups

Use Case

You have multiple instances and you don’t want every member with a D365 license to be able to access each of those environments. How do you tackle this? Answer is using Security Groups on the Environments and Users.

Creating Security Group

In Office 365, create a Security Group and add members to it who should have access to the desired environment.

  1. Navigate to Groups in Office 365 and create a New Group. Give it a suitable name.
    creategroup
    groupname
  2. Add members to the Group who should have access. Click on Edit as shown below to Add members to the group and select the members and save it.
    editmembers
    addmembers
    membersadded
  3. Your Security Group is ready.
    securitygroupready

Apply Security Group to the D365 instance

  1. Navigate to Dynamics 365 Admin Center and select Edit on the instance you want to apply the Security Group on.
    editinstance
  2. Select the Security Group field and select the Security Group you created.
    selectsecuritygroup
  3. Click Next.
    clicknext
  4. Save once confirmed that you have selected the correct Security Group.
    saveinstance
    That’s it.

Who all can access the environment

All those are a part of the Security Group applied to the instance will have access to the environment including the Global Administrator
enabledusers

Rest of the users will be in the Disabled Users list
disabledusers

And if they try to access the environment, they will not be able to and will see this –
accessdenied

Hope that was easy! 🙂