Forum Discussion

Himanshu Singh's avatar
Himanshu Singh
Iron Contributor
Feb 21, 2019

AADConnect cn attribute and group member count

Hello

 

Related to AADConnect i have some doubts I need help with

 

1. When check a group which is being synced member count on-premise is different and member count online is different ?

 

2. I have check CN attribute is pulled into metaverse, and to the point i have undestood it is synced to commonName attribute in Azure AD but it never shows when you dump user attributes from Azure AD ? (CN is not available in Azure AD ?)

  • 1) Are all users synced? Nested groups?

    2) There are multiple attributes that are synced to Azure AD, but not exposed in any of the admin portals. Some of these can be accessed via the Graph, other such as the CN cannot. But you can use something like the onPremisesDistinguishedName?

    • Himanshu Singh's avatar
      Himanshu Singh
      Iron Contributor

      Hello Vasil,

       

      I have read a lot of your article / blogs on Office 365 groups must say great job,

       

      However in this case i can see this attribute is being synced from onpremises to online from cn to commonName, it is mentioned in the microsoft documentation also however only for AzureRMS not why ?,

      But the issue is it is not visible either so neither CN nor commonName or Alias for that attributes are visible when AzureAD is queried

      • VasilMichev's avatar
        VasilMichev
        MVP

        It's simply not exposed anywhere. But as CN is practically a part of the DistinguishedName attribute, you can get it from the value of the onPremisesDistinguishedName, which is available via the Graph or Azure AD (Get-AzureADUserExtension).

Resources