Forum Discussion
theunknown
Apr 03, 2023Brass Contributor
Use API / ExchangeOnline PowerShell to create group possible despite using AD connect?
Hi at all 🙂
I have a question regarding provisioning distribution groups, etc in ExchangeOnline via API or PowerShell.
Actually we use the AD Connect tool for syncing informations to the Azure Active Directory (user names, e-mail adresses and department). If i check the properties of a user in the AAD, some fields are grayed out (provided via the AD connect tool).
Therefore my question:
Is it possible to create distribution groups via the API or PowerShell (parallel use to the local AD)? Or do I have to create the itens in the local AD and sync it up in the AAD?
Thx in advance for your help.
- It is possible yes, using AAD Connect does not prevent you from creating or managing cloud-only objects. But in most cases you want the object represented in AD too, i.e. centralized management.
- theunknownBrass Contributor
You say that AAD connect does not prevent me from creating cloud-only objects. Then I have different assumptions. Can you confirm this?
- S/MIME = cloud and local object --> provisioning via AD necessary
- Distribution group = cloud and local object --> provisioning via AD necessary
- MS365 Group = cloude only --> provisioning via PowerShell or GraphAPI
- Dynamic distribution group = cloud and local object --> provisioning via AD necessary
I´m not shure if the dynamic distribution group is similiar to the query based distribution group in the AD
Thx in advance for your help 😉
- Configuring S/MIME is an attribute, not an object. The rest are all object that you can either create directly in Azure AD/Exchange Online, or sync from AD. Using one method doesn't prevent the other, but you will loose the "central" management.