Active Directory Security Groups on Stream Videos

Using Microsoft Stream, I had a scenario where I needed a secure video that was limited to various departments in a company. These departments range from a handful of people to 100+ individuals. Fortunately, there were maintained Active Directory security groups which are replicated via Azure Active Directory Connect so the groups are available in Microsoft Stream. Unfortunately there were ~120 AD groups that were applicable to a handful of videos.

Since you cannot nest security groups within Office 365 groups, I had a couple of options.

  1. Change the Office 365 Group to a Dynamic group (from Assigned) via the Azure Portal. I would have to build the rules out and rely on accurate information in Active Directory user objects.
  2. Add the synchronized AD security groups to the videos directly.

While option 1 would have been ideal, it wasn’t feasible in this particular environment. Option 2 will work, but it is painful due to the Stream UI as you can only add one group at a time into the permissions dialog box. So, in comes another option! I created another Active Directory security group and nested all of the other Active Directory security groups within it. Once that replicated via AAD Connect, I was able to add the new parent group to the Stream video and it worked!

Finally, to do this in Stream, you need to edit a video in Admin Mode. To do this, as an owner of the video/channel, go into the video itself, click the ellipsis under the video, and click Edit. There is a center panel for Permissions on the specific video. Change the drop down from My Groups to People. You can then find the security group and add it. Once you apply your changes, the video will be available for that group (or nested group :)) of users.

Trevor Seward is a Microsoft Office Apps and Services MVP who specializes in SharePoint Server administration, hybrid scenarios, and SharePoint Online. He has been working with SharePoint for 16 years from SharePoint 2003 on up, managing environments with terabytes of content for 150,000+ user organizations. Trevor is an author of Deploying SharePoint 2016 and Deploying SharePoint 2019. You can find him on Twitter and in /r/sharepoint.