With the replacement of legacy User Groups and the introduction of AAD Security Groups in Business Central with BC2023rw1, we identified a gap with the security group information replicated from the AAD into the Business Central application. In Business Central, currently the Group Name is synchronized from the AAD into the Business Central data model only while the corresponding Group Description is not.

Object references:

• Page 9871 - Security Groups
• Table 9022 - Security Group Buffer

We currently see this causing a lack of information within the Business Central application, because typical organisational structures do follow a short-coded pattern for the unique naming of the security groups in the AAD of their enterprise organisation while the group description is used to provide a user friendly text in addition.

With the Group Name available in Business Central only, it would be hard to read and understand for application administrators from within the Business Central application and they would continuously have to switch over to the settings on the AAD as reference. Moreover, due to enterprise security reasons, they may not even have direct access to the AAD security groups and would have to rely on mapping tables provided as exports or similar.

Due to this reason, we would like to strongly recommend the extension of the Security Groups in Business Central to also include the AAD Security Group Description from the AAD in addition to the AAD Security Group Name which is already available. This would provide a huge increase of information and transparency about meaning and intended usage of security groups and would assist application administrators working within the Business Central application to retrieve the required information needed in order to manage security and permissions in Business Central in a direct way.

Andrew Tomforde for neusta IT-business-architecture GmbH