<<Note: Originally posted to Microsoft 365 community but was told Azure community would be a more appropriate place for this question.>>
We have a Hybrid AD Joined setup with our devices, and I've added a value to a Windows Active Directory attribute, "extensionAttribute1", that I'd like to be able to use in the "Filter for Devices" in our Conditional Access policies.
This is a device attribute and I know it's not working as I created an Azure AD dynamic device group to test.
I suspect it may be an Azure AD Connect issue, as when I go to add the Windows Active Directory attribute "extensionAttribute1", there is a "user" and a "group" extensionAttribute1 available but not a "device" attribute. I've seen there's an AD Connect mapping component, but I don't know if something can be mapped if it doesn't exist as an option to begin with. I also haven't figured out how to check Azure AD to verify if the value had propagated to AAD in any form.
Any help in how to get Active Directory attributes into Azure AD to use for Device Filters for Conditional Access would be appreciated!!
Thanks