Office 365 Connector Security-groups


I’m in the process of implementing Microsoft 365 for our school. The UCS 365 Connector works fine already. Users are created correctly, but I have huge problems to use the by the connector automatically generated security-groups (classes, courses, student-group, teacher-group) for our rights management in M365 or to use them for anything else at all.

For example when I try to set the booking policy for one of our in outlook bookable rooms with the corresponding PowerShell command, I get an error message that this group doesn’t exist:

Set-CalendarProcessing -Identity RoomMailboxName -AllBookInPolicy:$false -AllRequestInPolicy:$false -AllRequestOutOfPolicy:$false -BookInPolicy "name of security group"

The same code works fine with groups that I created manually in M365.

To be honest, right now the generated security groups have no value at all for me, because I can’t use them anywhere in M365 (teams, outlook, etc…)…but I need those groups to reduce my administrational effort I have to put in our M365-tenant.

My question in short: How can I use productively the automatically generated security-groups?

Thanks in advance and best regards

Kai Schoulen

In MS Azure there are two types of groups, our Office365 Connector creates security groups. To manage anything Microsoft365 / MS Teams related, one needs an “Office 365” group.

This is currently not possible. A feature request exists in our bug tracker:

Wow, thank you for the very fast reply. Two question came popping up, when reading your reply:

1.) Why do you create security groups at all? (To be honest I’m quite new to M365, but you have to have a reason for creating these groups) Is there any benefit from having a security group available?

2.) The feature to create Office365 groups or at least email-enabled security groups seems quite important to me. In fact I’m not really sure how to handle our M365-tenant efficiently without having this feature available. Do you got any internal roadmap when you it should be available?

Best regards


Hello @Schoulen!

When Univention started developing the Office 365 Connector, we picked the best Microsoft Azure API for our needs and use-cases that was available at the time. Unfortunately, this API could not and still cannot create “Office 365 groups” - only security groups. To be able to create “Office 365 groups” we need to switch to a newer API provided by Microsoft. Since this is not just a newer version of the same API, but a completely different one, this requires quite some changes to our Connector-App.
We consider this an important feature and intend to implement the necessary changes, but we don’t have a final roadmap, yet.

Best regards,
Michael Grandjean

sorry to hijack this discussion - does this literally mean you can’t use the UCS groups in O365 at all and need to create all of your groups again (including allocation of users)?