By default on-prem AD groups do not work flawlessly with Sharepoint sites with teams enabled.
You can put the AD group for access to the site through the site memberships, but you cannot add the group for Teams access.
This can be solved by using dynamic groups in Entra AD.
This solution assumes you use on-prem AD to give users access to sharepoint sites. Otherwise there is no real reason to apply this.
- Login to Entra ID (https://entra.microsoft.com)
- Go to Groups > All Groups
- By default, Teams enabled sharepoint sites automatically make a group for you with the same name as the site. Use the searchbox to find the group and open the properties
- Inside the properties, select Properties
- Set Membership type to Dynamic User and then click on the Add dynamic query
- At this stage the Memberof property isn't available yet as a dropdown option so you will have to enter your own query, click on the Edit button on the right side of the text box
- Enter the following query in the Rule syntax box
You can find the ObjectID of the AD group by searching for it in the list of groups in Entra IDuser.memberof -any (group.objectId -in ['<object id of AD Group>']) - Click Ok when done and then Save
- Depending on the size of the AD group it could take a second or minutes for the group members to start populating
Because this group is automatically known as a Sharepoint Site, all the users in your AD group will be added to the teams group so users automatically get access to the the teams group and through the members group in sharepoint they also get added there for access to the site. All dynamically and only by making changes to the AD group.