What objects are required to sync for Azure AD Connect?

Trying to clean up our environment of unnecessarily synced objects. Of course, I want to sync users with e-mail, security groups, contacts, and so forth. However, the following top-level domain OUs I'm not sure about...

  • Infrastructure: Even with "Advanced Features" ticked, I can't see this OU in ADUC
  • Microsoft Exchange Security Groups
  • Microsoft Exchange System Objects
  • Program Data
  • RegisteredDevices: This seems tied to Azure/Intune so I figure it's safer to keep it.
  • System
  • Users

We used to have an Exchange server merely for schema, not hosting any mailboxes on-premise. However, I decommissioned it a couple months ago per this article: Manage recipients in Exchange Server 2019 Hybrid environments | Microsoft Learn


There's also the "Exchange hybrid deployment" checkbox under "Optional features" that I'm unsure if I need anymore.

1 Reply
Nothing is "required" for sync; you decide which objects to synchronize, if at all. And you do not need the checkbox you mentioned; this is only relevant for Hybrid installs and enables (limited) writeback for some attributes.