I'm trying to fully automate the Vault creation process.
To grant access to vaults I use Entra ID groups.
When creating new vaults manually, I simply go to User Groups, hit "Import" then select "Azure Active Directory", filter for a certain name standard and then hit import.
I then go about assigning permissions later on.
I'm struggling to figure out how to automate the step above. Creating a vault is easy, assigning permissions likewise, but importing Entra ID groups...how to do that?
Thanks.
Hello miccol,
Thank you for reaching out to the Devolutions support team.
For vaults, you will have to assign user groups.
I recommend using this script to create a new vault:
$Vault = @{
    Name                   = 'NewVault'
    Description            = 'This is a description for the new vault.'
    IsAllowedOffline       = $true
    Password               = 'Pa$$w0rd!'
    AllowedUsernameList    = @("User1")
    # Names of user groups that have already been imported into DVLS
    AllowedRolesList       = @("Role1", "Role2")
    AllowedApplicationList = @("App1")
}
# Splat the hashtable onto the cmdlet to create the vault
$response = New-DSVault @Vault
The AllowedRolesList allows you to set an already imported group to your new vault.
You can change the value Role1 to the name of your group.
Best regards,
Patrick Ouimet
Hi Patrick
Thank you for your reply.
Not entirely what I'm looking for.
When I go and create a new vault, I'd like to fully automate this process. At a high level, this process is:
It's the 2nd step I'd like to figure out if I can somehow automate...either via some PS or API call or something.
Hello miccol,
Thank you for this feedback.
With New-DSRole, you should be able to create an AD group in DVLS.
Here is the syntax from Get-Help:
SYNTAX
New-DSRole [-AuthenticationType <Builtin | Domain | AzureAD>] -Name <String> [-Description <String>] [-IsAdministrator] [-AllowDragAndDrop]
[-CanAdd] [-CanEdit] [-CanDelete] [-OfflineMode <Cache | Disabled | ReadOnly | ReadWrite>] [-DomainName <String>] [-AsLegacyResponse]
[<CommonParameters>]
Best regards,
Patrick Ouimet
Cheers, that works! :)
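The two steps from this thread combined into one script, as an added example (not code from either poster or from Devolutions): it creates each Entra ID-backed user group with New-DSRole, then creates the vault with those groups in AllowedRolesList. It assumes a DVLS session is already open and that the name given to New-DSRole matches the Entra ID group's name; the function name and the sample group and vault names are hypothetical.

```powershell
# Added example, not the original posters' code.
# Assumptions: the Devolutions PowerShell module is loaded, a DVLS session is
# already open, and -Name matches the Entra ID group's name.
function New-VaultWithEntraGroups {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string]   $VaultName,
        [Parameter(Mandatory)] [string[]] $GroupNames,
        [string] $Description = ''
    )
    $ErrorActionPreference = 'Stop'
    $responses = @()

    foreach ($name in $GroupNames) {
        # Step 1: create the user group as an AzureAD-type role.
        # None of -IsAdministrator, -CanAdd, -CanEdit or -CanDelete is passed,
        # so the group starts without those rights; permissions are assigned
        # afterwards, as in the manual workflow described in the question.
        $role = @{
            AuthenticationType = 'AzureAD'
            Name               = $name
            Description        = "Imported for vault '$VaultName'"
        }
        $responses += New-DSRole @role
    }

    # Step 2: create the vault and attach the groups created above.
    # Password, AllowedUsernameList and AllowedApplicationList from the
    # support reply are left out here; add them if your setup needs them,
    # reading any password from a secret store rather than a literal.
    $vault = @{
        Name             = $VaultName
        Description      = $Description
        IsAllowedOffline = $false
        AllowedRolesList = $GroupNames
    }
    $responses += New-DSVault @vault

    # Return every server response so the caller can inspect or log them.
    return $responses
}

# Constructed sample names following a naming standard such as "VAULT-<name>-<role>"
$groups = @('VAULT-Finance-Readers', 'VAULT-Finance-Editors')
New-VaultWithEntraGroups -VaultName 'Finance' -GroupNames $groups `
    -Description 'Finance team vault'
```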