Azure AD dynamic membership rules

MarvinKetelaars-4432 6 Reputation points
2021-12-15T09:32:54.727+00:00

I have created a dynamic membership group that contains the following rule:

(user.userPrincipalName -contains "*")

I have checked the rule by using the validating tool (It works fine!), but after completing the group no users are assigned?
One thing to mention is that the created group is a cloud group and the users that comply with the rule are locally created.

Do you have any suggestions? Thanks in advance!

EDIT

The group works! The synchronization just took a long time.

Microsoft Security | Microsoft Entra | Microsoft Entra ID

2 answers

  1. AmanpreetSingh-MSFT 56,876 Reputation points Moderator
    2021-12-15T10:59:27.9+00:00

    @MarvinKetelaars-4432 • The problem is not with the syntax but with the logic. The rule (user.userPrincipalName -contains "*") means any user whose UPN contains the character * should be added to the group. However, * is not a valid character that can be used in the UPN. This is why no user is being added to the group.

    What is your end goal? Which users do you want to be added to the group? Do you want all users in Azure AD to be added to the dynamic group?

    1 person found this answer helpful.

  2. Mr Sb 371 Reputation points
    2021-12-15T12:31:31.177+00:00

    FYI, when using dynamic rules you can check the status of the synchronization in the overview tab.

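Both answers can be checked from a shell. The following is an added example, not part of the thread: it assumes the Microsoft Graph PowerShell SDK is installed and that `$GroupId` (a placeholder parameter) is the object ID of the dynamic group. It reads the stored rule, flags a literal `*` inside a `-contains` clause, and reports whether rule processing is switched on and how many members the group currently has.

```powershell
# Added example; requires the Microsoft.Graph PowerShell SDK.
# $GroupId is a placeholder: pass the object ID of your own dynamic group.
param(
    [Parameter(Mandatory)] [string] $GroupId
)

Connect-MgGraph -Scopes 'Group.Read.All'

# Ask only for the properties that describe the dynamic rule.
$group = Get-MgGroup -GroupId $GroupId `
    -Property 'id,displayName,groupTypes,membershipRule,membershipRuleProcessingState'

if ($group.GroupTypes -notcontains 'DynamicMembership') {
    throw "Group '$($group.DisplayName)' is not a dynamic membership group."
}

# In a membership rule, -contains is a substring test, so "*" is matched
# as a literal character and not as a wildcard.
$literalAsterisk = $group.MembershipRule -match '-contains\s+"[^"]*\*[^"]*"'

# Current members; @() keeps .Count valid for zero or one result.
$members = @(Get-MgGroupMember -GroupId $GroupId -All)

[pscustomobject]@{
    DisplayName     = $group.DisplayName
    MembershipRule  = $group.MembershipRule
    ProcessingState = $group.MembershipRuleProcessingState   # On or Paused
    LiteralAsterisk = $literalAsterisk
    MemberCount     = $members.Count
}

if ($literalAsterisk) {
    Write-Warning 'Rule has a -contains clause with "*"; it is compared literally.'
}
if ($group.MembershipRuleProcessingState -ne 'On') {
    Write-Warning 'Rule processing is not On, so membership is not being updated.'
}
elseif ($members.Count -eq 0) {
    Write-Warning 'No members yet. Evaluation may still be running; see the group Overview tab.'
}
```

`ProcessingState` only shows whether processing is enabled (`On` or `Paused`); the evaluation progress itself is what the Overview tab mentioned above displays.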
