Forum Discussion
AD group not fully synching Online
your issue is with the primary group of the users because Azure AD Connect doesn't support synchronizing Primary Group memberships to Azure AD. refer to the below article to change the primary
group of the users that are not synchronizing as members with the group
it's recommended to change the primary group to Domain Users.
Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily.
I'm not sure that's the issue. I compared a user that was working, with one that was not. They both have the same Primary Group of 'Domain Users'.
SpiShane let me share with you the consideration of Azure AD connect when its comes to group syncing
Important points to be aware of when synchronizing groups from Active Directory to Azure AD:
Azure AD Connect excludes built-in security groups from directory synchronization.
Azure AD Connect doesn't support synchronizing Primary Group memberships to Azure AD.
Azure AD Connect doesn't support synchronizing Dynamic Distribution Group memberships to Azure AD.
To synchronize an Active Directory group to Azure AD as a mail-enabled group:
If the group's proxyAddress attribute is empty, its mail attribute must have a value
If the group's proxyAddress attribute is non-empty, it must contain at least one SMTP proxy address value. Here are some examples:
An Active Directory group whose proxyAddress attribute has value {"X500:/0=contoso.com/ou=users/cn=testgroup"} won't be mail-enabled in Azure AD. It doesn't have an SMTP address.
An Active Directory group whose proxyAddress attribute has values {"X500:/0=contoso.com/ou=users/cn=testgroup","SMTP:email address removed for privacy reasons"} will be mail-enabled in Azure AD.
An Active Directory group whose proxyAddress attribute has values {"X500:/0=contoso.com/ou=users/cn=testgroup", "smtp:email address removed for privacy reasons"} will also be mail-enabled in Azure AD.