What data can the Microsoft Entra Connect tool sync?

 


Microsoft Entra Connect (formerly Azure AD Connect) focuses on synchronizing identity data essential for user access management across cloud and on-premises environments.

  • User Accounts: Entra Connect synchronizes most user account attributes, including critical ones like:
      • User Principal Name (UPN) - for login purposes
      • Security Identifier (SID) - unique identifier for the user account
      • First Name, Last Name, Display Name - user identification information
    Additional attributes can be configured for synchronization based on your needs.
  • Groups: It synchronizes group memberships, allowing users to be part of security groups or distribution groups in both environments.

Not Supported Data:

  • Certain Attributes: You can specifically exclude attributes from syncing if needed.
  • SidHistory Attributes: These attributes track historical SIDs for users and groups and aren't synced.
  • Group Policy Objects (GPOs): GPOs define settings for on-premises machines and aren't relevant to Azure AD.
  • Sysvol Folder Contents: This folder stores GPO files and isn't synced.
  • Computer Objects: Objects representing on-premises machines aren't typically synced for user identity management.
  • Organization Unit (OU) Structures: The hierarchical structure of OUs in your on-premises AD isn't directly synced to Azure AD.

In essence, Entra Connect prioritizes syncing data crucial for user authentication and authorization across cloud and on-premises resources.
