Help me to use Office365 groups in SharePoint Online

See the below text from our document on how to set up the security ourselves

Context

Whenever you create a Site Collection, two O365 groups get created (xxx-Owners and xxx-Members). For retro-compatibility, these O365 groups are automatically added to the SharePoint groups at creation time.

Figure: SharePoint Advanced Permission setup – 3 traditional SharePoint Groups

Figure: “Members” SharePoint group has exactly one member – the Office 365 Group

Figure: “Owners” SharePoint group is Empty!

(Note for SharePoint gurus: O365-xxx-Members is mapped to SharePoint-xxx-members, but O365-xxx-Owners is mapped to… Site Collection Administrators! Crazy.)

Figure: “Site Collection Administrators” are mapped to The Site Owners Office 365 Group

SharePoint membership grants access to SharePoint resources, while access to Teams features (Channels, tabs, apps) is controlled directly via O365 groups.

Problem

The problem with this model is we cannot add AD (Active Directory) groups (or even O365 groups) within O365 groups (no nesting allowed). So, if we want to give access to two different sites to the same people (say SSWDevelopers), we must add ALL MEMBERS manually on EACH generated O365 group. That is ridiculous, and hard to maintain long term.

Context

Problem

Related Articles.

Help me customize Access Package emails

Help me have a clean message for email replies on an Issue

Bug – Help me to open my Teams website tabs in the browser (Broken because URL’s are case-sensitive)

Teams apps – Help me use the Teams bot with a compliance policy

Microsoft Graph API – Help me access former employees’ email messages