question

TravisRabe-0590 avatar image
0 Votes"
TravisRabe-0590 asked TravisRabe-0590 commented

Azure AD Sync - Device Groups Not Syncing Members

I have setup some device groups and have some other well established device groups and have just noticed that groups containing devices are not syncing correctly to Azure. The groups themselves sync, but members of the groups, if there are device groups, do not.

For Example:

  • I have a Security Group in AD called "CorpComputers"

  • One of the members of that group is "CorpComputerA"

Both the Group and the machine can be found in Azure, but the machine cannot be found as a member of that group in Azure.


I've tried changing the group to a "universal" group to see if that would make a difference, but it had no impact. What am I missing?



azure-ad-device-management
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

After doing a ton of reading, I found this article. Is this a requirement and maybe part of my issue?

https://www.orbid365.be/hybrid-azure-ad-join-p1/

All of my devices are listed as "Azure Ad registered".

0 Votes 0 ·

1 Answer

MarileeTurscak-MSFT avatar image
2 Votes"
MarileeTurscak-MSFT answered TravisRabe-0590 commented

Azure AD Connect does not support synchronizing Primary Group memberships to Azure AD. You may need to change the Primary Group.

Azure AD Connect does not support synchronizing Dynamic Distribution Group memberships to Azure AD.

Nested groups also aren't supported.

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/concept-azure-ad-connect-sync-user-and-contacts

https://docs.microsoft.com/en-us/troubleshoot/azure/active-directory/exclude-user-primary-group

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

The Primary group is the default, Domain Computers.

The groups are not nested.

Again. The group syncs, the computer syncs. But the group is empty.

0 Votes 0 ·