Manage Google Workspace and Microsoft 365 / Entra ID Groups

Easily connect your employees to the people and resources they need to do their job by exporting JumpCloud user groups to Google Workspace distribution groups or M365/Entra ID security groups. To export user groups, first add a group email address to specify the distribution group on the Directory panel User Groups tab. Then, enable group management on the Directory panel Details tab. User Groups are exported to Google Workspace or M365/Entra ID after you bind JumpCloud user groups to a directory that you’ve integrated with JumpCloud. 

Prerequisites:

Considerations:

  • After enabling group management, changes made to groups in JumpCloud are synced with the Google Workspace or M365/Entra ID directory. Keep in mind that the sync is not bi-directional, meaning changes made to groups in Google Workspace or M365/Entra ID won’t be synced to JumpCloud.
  • If you disable group and membership management, no further changes will be made to distribution groups in Google Workspace or security groups in M365/Entra ID. 
  • It can take some time for new groups to appear in the Google Groups directory. See Google’s Admin Help: New groups don’t show up in Groups directory.
  • M365/Entra ID group management is only supported for security groups at this time.

Specifying Groups to Export

Google Workspace

Considerations:

  • If you remove a distribution group’s email address, the group and its memberships are no longer synced with Google Workspace or M365/Entra ID.
  • If you change a distribution group’s email address, the members of the group are moved to the distribution group of the email address you specify.

To specify a Google Workspace distribution group:

  1. Go to DIRECTORY INTEGRATIONS > Cloud Directories.
  2. Select the Google Workspace directory you want to manage groups for.
  3. Select the User Groups tab.
  4. Enter an Email Address for the Google Workspace distribution group. 
  5. Click save.

After you enable group management for the Google Workspace directory, specify the distribution email addresses.

M365/Entra ID

Considerations:

  • Ensure existing group names in M365/Entra ID are unique and match the corresponding JumpCloud groups exactly. If they are not, and a JumpCloud group attempts a takeover, a third group with a unique group ID will be created in M365/Entra ID.
  • M365/Entra ID group management is only supported for security groups at this time. If you attempt to sync a distribution group with JumpCloud, a security group will be created instead. 

To specify an M365/Entra ID security group:

  1. Go to DIRECTORY INTEGRATIONS > Cloud Directories.
  2. Select the M365/Entra ID directory you want to manage groups for.
  3. Select the User Groups tab.
  4. Select the groups you want to export before saving.
  5. Click save. Management of the security group in M365/Entra ID is taken over by JumpCloud. If the security group does not exist in M365/Entra ID, the group is created.

After you specify M365/Entra ID security groups, enable group management for the M365/Entra ID directory.

Enabling Group Management

After specifying distribution or security groups to enable group management for, when you bind JumpCloud groups to a Google Workspace or M365/Entra ID directory, users are exported to the distribution or security group you specify. Learn how to bind user groups to a directory:

Google Workspace

To enable group management of Google Workspace:

  1. Go to DIRECTORY INTEGRATIONS > Cloud Directories.
  2. Select the Google Workspace directory you want to manage groups for.
  3. In the Google Workspace Sync section of the Details tab, select Enable management of groups and memberships in Google Workspace.
  4. Click save to apply changes.

Warning:

After you enable group management for your organization, add the email attribute for user groups in JumpCloud that are synced to the directory you're enabling group management for. If you don't add an email address for user groups before enabling group management, users in bound groups could be suspended until you add an email address. See Specifying Groups to Export above to learn how to add an email address for groups.

M365/Entra ID

To enable group management of M365/Entra ID:

  1. Go to DIRECTORY INTEGRATIONS > Cloud Directories.
  2. Select the M365/Entra ID directory you want to manage groups for.
  3. In the M365/Entra ID Sync section of the Details tab, select Enable management of groups and memberships in M365/Entra ID.
  4. Click save to apply changes.

Note:

Groups will not be exported from JumpCloud until at least one user has been added to the group. See M365/Entra ID Sync for more information on post-bind behavior.

Disabling Group Management

Important:

If you disable group and membership management, no further changes are made to distribution groups in the Google Workspace or M365/Entra ID directory.

To disable Google Workspace group management:

  1. Go to DIRECTORY INTEGRATIONS > Cloud Directories.
  2. Select the Google Workspace directory you want to release group management for.
  3. In the Google Workspace Sync section of the Details tab, clear Enable management of groups and memberships in Google Workspace.
  4. Click save.

To disable M365/Entra ID group management:

  1. Go to DIRECTORY INTEGRATIONS > Cloud Directories.
  2. Select the M365/Entra ID directory you want to release group management for.
  3. In the M365/Entra ID section of the Details tab, clear Enable management of groups and memberships in M365/Entra ID.
  4. Click save.

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case