Is there any way in the AAD Connect tool to filter the accounts being 'written-back' to AD? We have an Exchange Hybrid configuration and AAD Connect is writing-back some attributes to AD. However, we don't want this write-back for some selected user accounts. Can this be done?
We have some admin accounts in AD which are synced to O365. The team is reluctant (and understandably so) to give the AAD Connect tool the write-back permissions on these accounts. None of these accounts have any license in O365, and they aren't meant to be used for emails on-prem either.
What I have found so far is that there is no way to exclude these accounts from 'write-back', at least not in a way that's supported by Microsoft.