cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Dynamic Security group in Azure AD using attribute - preferreddatalocation

Ketzpatel
Brass Contributor

‎Aug 19 2022 10:30 AM

‎Aug 19 2022 10:30 AM

Dynamic Security group in Azure AD using attribute - preferreddatalocation

I have a need to configure group-based licensing for multi-geo license assignment and I would like to create a dynamic security group in Azure using the attribute preferreddatalocation but this is not a supported attribute to use in Azure AD. 

 

any other option to configure group-based licensing for multi-geo based on the preferreddatalocation? we only apply multi-geo to specific country users and not all.

Labels:
2,009 Views
0 Likes
5 Replies
Reply
5 Replies
oliwer_sundgren

‎Aug 21 2022 11:18 AM

‎Aug 21 2022 11:18 AM

Re: Dynamic Security group in Azure AD using attribute - preferreddatalocation

Hey there!
Any reason not to use the "usagelocation" attribute for this scenario?
0 Likes
Reply
Ketzpatel

‎Aug 21 2022 12:52 PM

‎Aug 21 2022 12:52 PM

Re: Dynamic Security group in Azure AD using attribute - preferreddatalocation

@oliwer_sundgren 

 

unfortunately we can not use usage location. Within that country only users and executives with highly sensitive data has multi-geo licenses assigned to keep their mailboxes to FR data center.

0 Likes
Reply
oliwer_sundgren

‎Aug 23 2022 11:12 AM

‎Aug 23 2022 11:12 AM

Re: Dynamic Security group in Azure AD using attribute - preferreddatalocation

I understand!
Then I would recommend using an extension attribute to tag these specific users with, and then use that attribute in your dynamic groups rule. That's the simplest and most bullet proof solution I can think of :)

Let me know if that helps or if you have further questions!
0 Likes
Reply
Ketzpatel

‎Jan 06 2023 01:02 PM

‎Jan 06 2023 01:02 PM

Re: Dynamic Security group in Azure AD using attribute - preferreddatalocation

Thanks.

Yes we have been using Ext attribute 15 to populate the data location in AD but we have need for this attribute to use somewhere and we would like to replace this in AD with MSDS-Preferreddatalocation which syncs to Azure AD preferred data location. we want to use this attribute to create dynamic DL for group-based multi-geo license assignment so above recommedation does not help us much.
0 Likes
Reply