Forum Discussion
Dynamic Group Membership - issue with rule
Paranthesis? Try this:
(user.accountEnabled -eq true) -and (user.employeeID -ne $null)
Well, also the fact that employeeID is not supported. You can find the list of supported proeprties here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-accessmanagement-groups-with-advanced-rules
Thanks for the reply. I just added the parenthesis, but it still says 0 members.
I didn't see employeeID in the help document, as you are pointing out, however I did sync employeeID as a custom attribute and tried that custom attribute with varied results.
There was also the recommendation in the help document to use the Graph Explorer to see the attributes, and when I did that I noticed that even though employeeID was not listed in the Dynamic Groups help page, it is there on the user object.
If I intentionally do a typo in employeeID (employeeI for example) the Dynamic memberthip rule editor interface throws an error, so it is validating and accepting the input.
I am stumpted.
Is there any way to troubleshoot this?
Cant you use any other attribute from the supported list?
- I just did a new test group with a simple rule of (user.accountEnabled -eq true) and it still came up empty.
I think there may be something broken or something fundamental that I am missing.Do you have the necessary licenses applied? The feature requires Azure AD Premium for ALL users in the scope of the rule.