Office 365 Group write back - hide in on-prem GAL

Geseronta 

No resolution on behalf of Microsoft, even with AADC 2.0 release.

I implemented my own solution with a custom sync rule that looks for something in the Unified Group data to be able to trigger the group to be hidden on-prem. I copied one of the existing "Out to AD" rules as a starting point.

The logic I used is based on the description of the Unified Group as set in the cloud.  In my case I'm looking for the description to "end with" the word "Hidden".  As an example, if the group description is "My IT Group - Hidden" than this rule matches.  I chose to do it this way because there may have been some reason I wanted some Unified Groups hidden in on-prem AD and others not to be hidden.

Description
Connected System = on-prem AD domain
Connected System Object Type = group
Metaverse Object Ty[e = group
Link Type = Join
Precedence = 50

Scoping Filter
Attribute = cloudMsatered

Operator = EQUAL

Value = TRUE

Attribute = description

Operator = ENDSWITH

Value = Hidden

Transformations

FlowType = Constant

Target Attribute = msExchHideFromAddressList

Source = true

Merge Type = update

You can adapt your Scoping filter as needed based on your desires.  If you wanted every Unified Group to be hidden on-prem, you can just use cloudMastere EQUAL true for the scope and nothing else and that should do it.