Forum Discussion
Solved
Why no OUs in Azure AD
I'm starting to look at Intune for managing our desktops. I have created a dynamic group and pointed that at a particular OU but I've realised it never gets any members as there are no OUs in Azure A...
Sadly, administrative units are good for nothing. They have so many limitations, they're practically just a "proof of concept". You will not be able to use them in Intune, or anything else for that matter.
And in general, if you want a "traditional" desktop management, based on OUs/GPOs and so on, Azure AD and Intune are NOT the solution for it. AD DS might get closer, but personally I'd stick with good old proven methods...
You are correct - AAD does not have OUs, but the AAD Connect sync tool can sync across users from OUs.
AAD is flat from an organisational perspective, as opposed to AD - which dates back over 15 years now. Times have changed and groups are king.
You can use features like dynamic group membership to assign licenses and access to things, as well as groups that you would use in Intune.
I don't have a specific answer for you, but it does require you to change your thinking.
AAD is flat from an organisational perspective, as opposed to AD - which dates back over 15 years now. Times have changed and groups are king.
You can use features like dynamic group membership to assign licenses and access to things, as well as groups that you would use in Intune.
I don't have a specific answer for you, but it does require you to change your thinking.