Write Permission AzureAd Groups

Is it possible to add the permisson “write” to a folder in a windows 10 machine from an azureAd group?

As I understand what you are trying to do is
Grant an Azure AD (now called Entra ID BTW :wink: ) group write permission to a folder on a Windows 10 Machine.

Yes this is entirely possible, but this is not the correct forum for finding that answer (Unless you have a specific requirement to use PSADT to do this - which seems unnecessary IMHO)

1 Like

I known but “Entra” is no appeal as AzureAD :smiley:
I’m trying doing that inside a PSADT script, can you show me some guidance (you cna send some private message))?

You don’t state if you are using Intune, if you are then this guidance could help:
You would first need to find the SID of the EntraID group that you wish to grant the write permission, then assign that SID to the folder permissions on each device your require the permission set.
Although this article is for adding an EntraID group to the Local Administrators group, the techniques overlap with what you are attempting, so it may help you:

Alternatively (subject to your Intune licencing tier) you could setup a Remediation (previously known as Proactive Remediation), here is an example for setting ACL’s - You’d need to change the script to cater for your folder path and the permissions you wish to define, but the technique is the same:

2 Likes