Forum Discussion
Chris_Smith_Bouncer83
Jun 15, 2023Copper Contributor
Synchronizing AD attributes with security bit set (search flag 128/129) to Azure using AADC
I've got some custom attributes that are marked as confidential in Active Directory, however I need to move these attributes to Azure Active Directory with AADC. However these attributes always come...
LainRobertson
Jun 17, 2023Silver Contributor
Hi, Chris.
Perhaps double-check that the AAD Connect service account has both of the following two rights specified within the ACE, rather than perhaps just the first one:
- Read attribute (at a minimum; obviously you could use something higher-privileged);
- Control access.
Here's an example when viewed using the Microsoft ldp.exe tool:
If you have the first in place but not the second, you will get null as the return value.
Cheers,
Lain