Active-Directory Groups in SharePoint

When adding an Active-Directory group to SharePoint, for SharePoint this group is like any other (user) account. SharePoint doesn’t care whether the account added is a group or just a single user. Because of this “ignorance” of SharePoint not the group-members are being added to SharePoint, but the AD-group. This group can then be used just like any other SharePoint user.

But there are a couple of caveats:

  • let’s take a task-list for example. When a task is being assigned to a person in a task list, this person will get an email notification of the task assignment. When a task is being assigned to a SharePoint group (not an AD-group!), then every member of the group gets the email notification. Also when looking at the task-list every group-member will see the task, as long as no group member has assigned the task to himself. Every group member can assign the task to himself, and by this the task will only show up in the users task-list, not anymore in the view of the other group members.
    When a task is being assigned to an AD-group no one receives an email, because SharePoint want’s to send an email to the groups email-address (since SharePoint doesn’t know that an AD-group is a group which consists of members, and hence it believes it’s a single user). And because SharePoint believes the AD-group is a single user the task can not be assigned to a member of the group – and also the task is not shown to the members of the group.
  • When assigning an AD-group individual permissions on a site I usually can send an email to the user notifying them about the new permissions. with AD-groups this doesn’t work as well, since usually AD-groups don’t have an email-address and SharePoint is unable to iterate over all the members of the AD-group. The same is true for setting up notifications for lists and libraries, these cannot be set to an AD-group.


  1. Hi Henning,

    using AD-groups for task assignment and notifications should work fine, provided you configure them as e-mail enabled security groups in AD. When there is a valid e-mail address for your group, notifications can be pushed through to all group members.


  2. Hai,

    I have a issue it is possible to send a mail to the security group “without” enable Email.It is possible ?
    if it is possible please share me any information regards this issue.



  3. As far as I know, this is not possible. In order to send an email, to a group you have to mail-enable it.

Leave a Comment.