question

tonitodux avatar image
0 Votes"
tonitodux asked vipulsparsh-MSFT answered

Should built-in "Users" OU be synced?

Hi,

currently our built-in folder "users" in on-prem AD is being synced with azure ad. The "downside" is that in the O365 Users management console, under "Active users" I have lot of users which are not real employees. In this folder are mainly security groups, some service accounts, the built-in local Administrator account.
Can I deactivate the sync of this OU without having any mayor issues?

121849-ou.jpg

Thanks


azure-ad-hybrid-identity
ou.jpg (190.7 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

vipulsparsh-MSFT avatar image
1 Vote"
vipulsparsh-MSFT answered

@tonitodux Thanks for reaching out.

The whole point of syncing users and groups to cloud is to make it easier for them to access cloud resources. If you are sure that those built in users OU does not add any value to this concept as the objects in them have no being used in AAD resources and are just good for on-prem stuff, You can surely go ahead and uncheck that OU.

But at the same time, make sure sure that you are syncing the correct OUs with legitimate users within them.



Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.