Home

Group Membership Sync Issue in AAD Hybrid Deployment

%3CLINGO-SUB%20id%3D%22lingo-sub-806085%22%20slang%3D%22en-US%22%3EGroup%20Membership%20Sync%20Issue%20in%20AAD%20Hybrid%20Deployment%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-806085%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20guys%2C%3C%2FP%3E%3CP%3EI%20want%20to%20implement%20a%20hybrid%20Azure%20AD%2C%20now%20the%20users%20and%20groups%20have%20been%20synchronized%20to%20AAD%2C%20but%20the%20membership%20missed.%3C%2FP%3E%3COL%3E%3CLI%3E%26nbsp%3BI%20built%20a%20domain%20%3CEM%3Emycorp.com%3C%2FEM%3E%2C%20and%20a%20child%20domain%20%3CEM%3Ebr.mycorp.com%3C%2FEM%3E%2C%20the%20users%20and%20groups%20are%20in%20child%20domain%3B%3C%2FLI%3E%3CLI%3EJoined%20a%20SQL%20Server%20(with%20AOAG)%20to%20%3CEM%3Emycorp.com%3C%2FEM%3E%2C%20and%20installed%20Azure%20AD%20Connect%20to%20a%20domain%20controller%20of%20%3CEM%3Emycorp.com%3C%2FEM%3E.%3C%2FLI%3E%3CLI%3EThe%20sync%20is%20based%20on%20OU%2C%20I%20only%20selected%20the%20OUs%20which%20contains%20groups%2C%20users%20and%20computers%3B%20the%20sync%20rules%20are%20almost%20in%20default%2C%20I%20just%20mapped%20the%20usageLocation%20attribute.%3C%2FLI%3E%3C%2FOL%3E%3CP%3ENow%2C%20all%20the%20users%20and%20group%20are%20synchronized%20to%20AAD%2C%20but%20the%20users%20are%20not%20in%20any%20groups%2C%20and%20the%20groups%20doesn't%20contains%20any%20members%2C%20the%20membership%20is%20missing!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EMy%20question%3A%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3EDo%20I%20miss%20some%20steps%20or%20settings%3F%20How%20can%20I%20synchronize%20the%20membership%20to%20AAD%3F%3C%2FP%3E%3CP%3EThank%20you.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-806085%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAD%20Connect%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EADSync%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
chenrylee
Occasional Contributor

Hello guys,

I want to implement a hybrid Azure AD, now the users and groups have been synchronized to AAD, but the membership missed.

  1.  I built a domain mycorp.com, and a child domain br.mycorp.com, the users and groups are in child domain;
  2. Joined a SQL Server (with AOAG) to mycorp.com, and installed Azure AD Connect to a domain controller of mycorp.com.
  3. The sync is based on OU, I only selected the OUs which contains groups, users and computers; the sync rules are almost in default, I just mapped the usageLocation attribute.

Now, all the users and group are synchronized to AAD, but the users are not in any groups, and the groups doesn't contains any members, the membership is missing!

 

My question: 

Do I miss some steps or settings? How can I synchronize the membership to AAD?

Thank you.

Related Conversations
New Team is not showing up in Outlook Desktop
Ms. Aaron Arce in Microsoft Teams on
22 Replies
does not designate permitted sender hosts
Navishkar Sadheo in Exchange on
4 Replies
AAD Sync
John White in Discussions on
7 Replies
Problem downloading Edge insider browser
HotCakeX in Discussions on
13 Replies