Currently, D365 Finance & Operations allows user creation and role assignment based upon ActiveDirectory groups. However, the feature automaticall provides access for these groups to all organisations. The feature request is to further enhance the logic to restrict access per security role upon certain criteria, such as an OU in ActiveDirectory, or an additional ActiveDirectory group.