Azure AD connect group filtering

Using Azure AD connect you have an option to filter by group. The filtering on groups feature allows you to sync only a small subset of objects for a pilot. This feature is only intended to support a pilot deployment. Do not use it in a full-blown production deployment.

Before starting, take in consideration the following key points:

  1. The group in AD can be a security group or a distribution group.
  2. It is required that the group is in a OU that is synchronized with the Azure AD otherwise the filtering will not work.

When you select the domain and OU filtering, specify the OU where all the users are and also specify the OU where the group used for filtering is.

ou filtering.png

Then in the filtering specify the group name. In order to get the group name from your AD you can execute the following command

Get-ADGroup groupname

group filtering.png

Source of this article:

https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-get-started-custom#sync-filtering-based-on-groups

Leave a Reply

Your email address will not be published. Required fields are marked *


*