Azure AD Sync - Default attribute synced and DirectoryExtension
Question
Should be very simple, but I can't find an exact article anywhere. Have been using Azure AD Sync for awhile, but never really know this part because I never set up from scratch. I guess I can do try and error, but the environment that I'm on, seems hard to allow me to do this.
Default Attribute synced from Azure AD Sync tool
Take example: proxyAddress attribute in AD. My current setup is this attribute is included to be synced in DirectoryExtension.
If I remove this from DirectoryExtension, will it still be synced to the actually proxyAddress in Azure AD?
or similar question: Does extension synced from DirectoryExtension actually synced to a different attribute in Azure AD (extension_8xxxxxxxxxx_proxyAddresses)? and basic attribute (city, proxyAddress, mail) will be synced regardless of DirectoryExtension?
Thanks!
2 answers
solution1
0 ACCPTED 2021-09-30 23:59:03
Found out answer to my own questions. Attribute added to DirectoryExtension is synced to a different attribute in Azure AD ( extension_8xxxxxx_aaaaa )
Here is the complete sets of default attribute already synced without having to do anything in Azure AD Connect
solution2
0 2021-10-01 17:24:16
• The schema and its attributes are of the same compatibility version in on-premises active directory and in the Azure active directory. As AAD is an extension of on-premises AD functionality in the cloud, thus it supports AD attribute synchronization for on-premises AD through Azure AD Connect tool for specific versions and editions of Windows Server builds.
• Thus, windows server 2016 and later are recommended and preferred for on-premises active directory synchronization. Also, custom attributes that are created/added in the on-premises AD can be synced through AAD Connect and the same synced attributes will be added as an additional attribute other then the default attributes in Azure AD.
• Also, the default attributes if in case are modified/changed to a new attribute name in the on-premises AD, then these changed/modified attributes are synced in AAD and the same changed/modified attributes are created during the synchronization process while leaving the default named attributes unchanged/undefined in AAD. Thus, it is not recommended to change/modify the default attributes of on-premises AD and rather than add custom attributes and synchronize them accordingly to AAD.
Please find the below links for more information: -
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.