SOLVED

New attributes in AD


Is it possible to add new attributes in AD, for example "Employee hire date" and "Cost center" and sync them with Azure?

5 Replies

@AtanasM 

 

Yes, it is possible to create new attributes in AD, and sync them to Entra ID (Azure). 

 

1) Steps to create a custom Attribute:

Active Directory: Schema Update and Custom Attribute | Microsoft Learn

 

2) Steps to instruct Microsoft Entra Connect to read the schema again from AD

https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-installation-wizard#r...

 

3) Steps to add additional attributes in sync to Entra ID

Microsoft Entra Connect Sync: Directory extensions - Microsoft Entra ID | Microsoft Learn

 

Please let me know if you have any other questions!

 

 

best response confirmed by AtanasM (Iron Contributor)
Solution

@samy_vanderspikken 

 

That's mostly correct; however, there is no need to use directory extensions since Azure AD already contains native attributes for employeeHireDate and employeeOrgData.costCenter (these being the names used in Graph, as distinct from AAD Connect and possibly Cloud Sync):

 

 

I personally don't use Cloud Sync, so I'm unsure if these Azure AD attributes are presented as targets in Cloud Sync. They certainly exist in AAD Connect and MIM when using the Graph connector.

 

@AtanasM 

You don't specify if you're using AAD Connect or Cloud Sync to synchronise from Active Directory to Azure Active Directory, so here are the respective links for each showing the appropriate interface for defining the import and export attribute flows:

 

 

Cheers,

Lain
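
A check that can be run after the attribute flows are configured, to confirm that the Graph attributes named in the answer above (employeeHireDate and employeeOrgData.costCenter) are actually populated for synced users. This is an added example, not part of the original thread; it assumes the Microsoft Graph PowerShell SDK (Microsoft.Graph.Users) is installed and that the signed-in account can consent to User.Read.All.

```powershell
# Added example (not from the thread): audit synced users for the two native
# Graph attributes discussed above. Assumes the Microsoft.Graph.Users module
# is installed and User.Read.All can be consented to.
Connect-MgGraph -Scopes 'User.Read.All'

# These properties are not returned by default, so request them explicitly.
$props = @(
    'id'
    'userPrincipalName'
    'onPremisesSyncEnabled'
    'employeeHireDate'
    'employeeOrgData'
)

# Only accounts sourced from on-premises AD are affected by the sync rules.
$synced = Get-MgUser -All -Filter 'onPremisesSyncEnabled eq true' -Property $props

$report = foreach ($u in $synced) {
    # EmployeeOrgData is $null when neither costCenter nor division is set;
    # member access on $null yields $null (outside strict mode).
    $costCenter = $u.EmployeeOrgData.CostCenter

    [pscustomobject]@{
        UserPrincipalName = $u.UserPrincipalName
        EmployeeHireDate  = $u.EmployeeHireDate
        CostCenter        = $costCenter
        MissingHireDate   = ($null -eq $u.EmployeeHireDate)
        MissingCostCenter = [string]::IsNullOrWhiteSpace($costCenter)
    }
}

# Summary first, then the accounts where an attribute flow did not deliver a value.
$gaps = @($report | Where-Object { $_.MissingHireDate -or $_.MissingCostCenter })
'{0} synced users checked, {1} with a missing attribute' -f @($report).Count, $gaps.Count

$gaps |
    Sort-Object UserPrincipalName |
    Format-Table UserPrincipalName, EmployeeHireDate, CostCenter -AutoSize

Disconnect-MgGraph | Out-Null
```

Users that appear in the output either have no value in the source AD attribute or are not covered by the attribute flow.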

@LainRobertson 

 

Thanks for the info!

@Kidd_Ip @AtanasM 

 

Take it with a grain of salt though as this list hasn't been updated in a while and only represents the default mappings. For example, the lifecycle attributes have had export attribute flows defined for a while now (where you as the customer need to define the import attribute flows) yet you won't find any mention of this in the default mappings article.

 

 

The default mappings are effectively the "minimum required mappings" to achieve expected platform functionality. You can - and in complex environments almost always will need to - define custom mappings to achieve better business outcomes.

 

The best point of reference is to jump into either the AAD Connect synchronisation rules editor or the Cloud Sync equivalent and have a look at which attributes are listed.

 

Cheers,

Lain
