Home

Active Directory Write Back Questions - Non profit

%3CLINGO-SUB%20id%3D%22lingo-sub-679533%22%20slang%3D%22en-US%22%3EActive%20Directory%20Write%20Back%20Questions%20-%20Non%20profit%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-679533%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3EI%20work%20for%20a%20non-profit%20and%20after%20hours%20of%20research%20I'm%20still%20confused%20as%20to%20the%20Azure%20AD%20connection%20options.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECurrently%20we%20are%20synced%2C%20but%20only%20from%20our%20AD%20on%20premise%20to%20the%20cloud.%26nbsp%3B%20Not%20all%20users%20need%20on-premise%20computer%20access%2C%20so%20to%20help%20with%20time%20and%20complexity%2C%20I%20was%20going%20to%20start%20adding%20our%20seasonal%20employees%20as%20a%20cloud%20only%20user.%26nbsp%3B%20That%20way%20they%20dont%20need%20to%20set%20their%20PW%20on%20a%20local%20computer%20%26amp%3B%20wait%20for%20sync.%26nbsp%3B%20%26nbsp%3BHowever%2C%20we%20have%20a%20'staff'%20distribution%20group%20on-premise%2C%20so%20I%20ran%20into%20a%20snag%20with%20my%20plan%20when%20I%20couldn't%20add%20the%20cloud%20only%20account%20to%20the%20group.%26nbsp%3B%20%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20realize%20I%20could%20re-create%20the%20group%20in%20cloud%20then%20re-add%20everyone%20to%20it%2C%20however%20this%20opens%20up%20more%20issues%20down%20the%20line.%26nbsp%3B%20I%20want%20to%20be%20able%20to%20do%20write%20back%20with%20groups%2C%20or%20ideally%2C%20write%20back%20with%20anything%20I%20want%2C%20it'd%20be%20great%20if%20I%20could%20just%20select%20which%20things%20write%20back%20and%20which%20don't.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20you%20let%20me%20know%20what%20kind%20of%20license%20I%20would%20need%20for%20that%3F%26nbsp%3B%20We%20have%20the%20option%20to%20apply%20some%20of%20these%20credits%20%22in%3CSPAN%3Ecludes%20up%20to%20%241%2C500%20of%20Azure%20Active%20Directory%20Premium%20available%20via%20donated%20Enterprise%20Mobility%20%2B%20Security%20E3%20subscriptions%20(up%20to%2050%20seats).%22%3C%2FSPAN%3E%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EI%20don't%20understand%20how%20that%20would%20work%20if%20I%20had%20the%20E3%20license%20on%20certain%20users%2C%20seems%20they%20could%20writeback%20on%20PWs%2C%20but%20that%20doesn't%26nbsp%3Bhelp%20my%20group%20issue.%26nbsp%3B%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EAny%20help%20appreciated.%26nbsp%3B%20Thanks!%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EMark%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-679533%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-679563%22%20slang%3D%22en-US%22%3ERe%3A%20Active%20Directory%20Write%20Back%20Questions%20-%20Non%20profit%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-679563%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F357179%22%20target%3D%22_blank%22%3E%40PJGMark%3C%2FA%3E-%20what%20are%20your%20current%20license%3F%20I%20know%20once%20you%20get%20into%20Azure%20AD%2C%20you'll%20need%20at%20least%20P1%20to%20do%20useful%20things.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYou%20should%20be%20able%20to%20pick%20and%20choose%20which%20groups%20to%20sync%20by%20creating%20specific%20OU's.%20Another%20workaround%20is%20possibly%20just%20creating%20a%20separate%20distribution%20group%20i.e.%20'Seasonal%20Staff'%2C%20either%20set%20a%20rule%20to%20copy%20whenever%20an%20email%20get%20sent%20to%20Staff%20or%20keep%20it%20separate.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIt%20might%20be%20also%20beneficial%20to%20create%20them%20on-prem%20so%20everything%20is%20in%20unison...%20plus%20you%20can%20take%20advantage%20of%20using%20dynamic%20membership%20rules%2C%20check%20out%20the%20use%20case%20here%20with%20airline%20industry.%20This%20is%20al%20based%20in%20Azure%20AD%2C%20so%20ignore%20the%20Teams%20part%20(that%20can%20be%20useful%20too%20for%20communication%20and%20check%20out%20Teams%20Shifts)%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoftteams%2Fdynamic-memberships%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoftteams%2Fdynamic-memberships%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-679629%22%20slang%3D%22en-US%22%3ERe%3A%20Active%20Directory%20Write%20Back%20Questions%20-%20Non%20profit%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-679629%22%20slang%3D%22en-US%22%3ENot%20exactly%20what%20you%20are%20asking%2C%20but%20Microsoft%20is%20working%20on%20some%20plans%20to%20make%20it%20easier%20to%20add%2Fmanage%20seasonal%20workers%20(Firstline%20Workers)%20the%20details%20and%20schedule%20are%20still%20be%20determined.%3CBR%20%2F%3Eare%20you%20using%20Office%20365%20or%20just%20other%20apps%3F%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-680881%22%20slang%3D%22en-US%22%3ERe%3A%20Active%20Directory%20Write%20Back%20Questions%20-%20Non%20profit%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-680881%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1096%22%20target%3D%22_blank%22%3E%40Dean%20Gross%3C%2FA%3E%26nbsp%3B%20Thanks%2C%20I'll%20keep%20an%20eye%20out%20for%20that%2C%20yes%20we%20use%20Office%20365%20for%20email%20and%20office%20apps%2C%20trying%20to%20figure%20out%20how%20to%20get%20most%20use%20out%20of%20what%20they%20offer%20for%20non%20profits%20though.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-680914%22%20slang%3D%22en-US%22%3ERe%3A%20Active%20Directory%20Write%20Back%20Questions%20-%20Non%20profit%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-680914%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F328428%22%20target%3D%22_blank%22%3E%40jerome317%3C%2FA%3E%26nbsp%3B%20Thanks!%26nbsp%3B%20It's%20hard%20for%20me%20even%20to%20figure%20out%20what%20version%20of%20Azure%20AD%20we%20have.%26nbsp%3B%20I%20think%20it's%20just%20basic%20since%20we%20dont%20have%20any%20P1%2FP2s%2C%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20email%20rule%20you%20mentioned%20might%20be%20best%20option%20for%20now%2C%20I'll%20check%20out%20dynamic%20memberships%2C%20the%20main%20issue%20with%20doing%20it%20on-site%20is%20that%20they%20need%20a%20local%20computer%20to%20set%2Freset%20their%20PW.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
PJGMark
New Contributor

Hi,

I work for a non-profit and after hours of research I'm still confused as to the Azure AD connection options.  

 

Currently we are synced, but only from our AD on premise to the cloud.  Not all users need on-premise computer access, so to help with time and complexity, I was going to start adding our seasonal employees as a cloud only user.  That way they dont need to set their PW on a local computer & wait for sync.   However, we have a 'staff' distribution group on-premise, so I ran into a snag with my plan when I couldn't add the cloud only account to the group.   

 

I realize I could re-create the group in cloud then re-add everyone to it, however this opens up more issues down the line.  I want to be able to do write back with groups, or ideally, write back with anything I want, it'd be great if I could just select which things write back and which don't.  

 

Can you let me know what kind of license I would need for that?  We have the option to apply some of these credits "includes up to $1,500 of Azure Active Directory Premium available via donated Enterprise Mobility + Security E3 subscriptions (up to 50 seats)."  

 

I don't understand how that would work if I had the E3 license on certain users, seems they could writeback on PWs, but that doesn't help my group issue.  

 

Any help appreciated.  Thanks!

Mark

4 Replies

@PJGMark- what are your current license? I know once you get into Azure AD, you'll need at least P1 to do useful things. 

 

You should be able to pick and choose which groups to sync by creating specific OU's. Another workaround is possibly just creating a separate distribution group i.e. 'Seasonal Staff', either set a rule to copy whenever an email get sent to Staff or keep it separate. 

 

It might be also beneficial to create them on-prem so everything is in unison... plus you can take advantage of using dynamic membership rules, check out the use case here with airline industry. This is al based in Azure AD, so ignore the Teams part (that can be useful too for communication and check out Teams Shifts)

https://docs.microsoft.com/en-us/microsoftteams/dynamic-memberships

Not exactly what you are asking, but Microsoft is working on some plans to make it easier to add/manage seasonal workers (Firstline Workers) the details and schedule are still be determined.
are you using Office 365 or just other apps?

@Dean Gross  Thanks, I'll keep an eye out for that, yes we use Office 365 for email and office apps, trying to figure out how to get most use out of what they offer for non profits though. 

@jerome317  Thanks!  It's hard for me even to figure out what version of Azure AD we have.  I think it's just basic since we dont have any P1/P2s, 

 

The email rule you mentioned might be best option for now, I'll check out dynamic memberships, the main issue with doing it on-site is that they need a local computer to set/reset their PW. 

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
35 Replies
Extentions Synchronization
ChirmyRam in Discussions on
3 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
9 Replies