Related to AADConnect i have some doubts I need help with
1. When check a group which is being synced member count on-premise is different and member count online is different ?
2. I have check CN attribute is pulled into metaverse, and to the point i have undestood it is synced to commonName attribute in Azure AD but it never shows when you dump user attributes from Azure AD ? (CN is not available in Azure AD ?)
2) There are multiple attributes that are synced to Azure AD, but not exposed in any of the admin portals. Some of these can be accessed via the Graph, other such as the CN cannot. But you can use something like the onPremisesDistinguishedName?
It's simply not exposed anywhere. But as CN is practically a part of the DistinguishedName attribute, you can get it from the value of the onPremisesDistinguishedName, which is available via the Graph or Azure AD (Get-AzureADUserExtension).
Thats exactly my question here why is this attribute not exposed on AzureAD whats the rationale behind not only the CN attribute commonName, alias and infact when you expand extensionproperty attribute you can see user identities that one is also empty and with the full dn value being returned will require tweaking to extract only the cn value however i am curious why this behavior in the first place