06-09-2019 08:50 AM
I work for a non-profit and after hours of research I'm still confused as to the Azure AD connection options.
Currently we are synced, but only from our AD on premise to the cloud. Not all users need on-premise computer access, so to help with time and complexity, I was going to start adding our seasonal employees as cloud-only users. That way they don't need to set their PW on a local computer & wait for sync. However, we have a 'staff' distribution group on-premise, so I ran into a snag with my plan when I couldn't add the cloud-only account to the group.
I realize I could re-create the group in cloud then re-add everyone to it, however this opens up more issues down the line. I want to be able to do write back with groups, or ideally, write back with anything I want, it'd be great if I could just select which things write back and which don't.
Can you let me know what kind of license I would need for that? We have the option to apply some of these credits "includes up to $1,500 of Azure Active Directory Premium available via donated Enterprise Mobility + Security E3 subscriptions (up to 50 seats)."
I don't understand how that would work if I had the E3 license on certain users, seems they could writeback on PWs, but that doesn't help my group issue.
Any help appreciated. Thanks!
06-09-2019 09:38 AM
@PJGMark - what is your current license? I know once you get into Azure AD, you'll need at least P1 to do useful things.
You should be able to pick and choose which groups to sync by creating specific OUs. Another workaround is possibly just creating a separate distribution group, i.e. 'Seasonal Staff', and either setting a rule to copy whenever an email gets sent to Staff or keeping it separate.
It might also be beneficial to create them on-prem so everything is in unison... plus you can take advantage of using dynamic membership rules, check out the use case here with airline industry. This is all based in Azure AD, so ignore the Teams part (that can be useful too for communication, and check out Teams Shifts).
06-09-2019 10:59 AM
06-10-2019 09:24 AM
@Dean Gross Thanks, I'll keep an eye out for that, yes we use Office 365 for email and office apps, trying to figure out how to get most use out of what they offer for non profits though.
06-10-2019 09:29 AM
@jerome317 Thanks! It's hard for me even to figure out what version of Azure AD we have. I think it's just basic since we don't have any P1/P2s.
The email rule you mentioned might be best option for now, I'll check out dynamic memberships, the main issue with doing it on-site is that they need a local computer to set/reset their PW.