Group Membership Sync Issue in AAD Hybrid Deployment

chenrylee
Occasional Contributor

Hello guys,

I want to implement a hybrid Azure AD. The users and groups have now been synchronized to AAD, but the membership is missing.

  1. I built a domain mycorp.com and a child domain br.mycorp.com; the users and groups are in the child domain.
  2. Joined a SQL Server (with AOAG) to mycorp.com, and installed Azure AD Connect on a domain controller of mycorp.com.
  3. The sync is based on OU; I only selected the OUs which contain groups, users and computers. The sync rules are almost default; I just mapped the usageLocation attribute.

Now, all the users and groups are synchronized to AAD, but the users are not in any groups, and the groups don't contain any members. The membership is missing!

My question:

Am I missing some steps or settings? How can I synchronize the membership to AAD?

Thank you.
