Hello @KRW Admin
Thank you for reaching out. The error Dn-Attribute-failure
on AD Security Groups usually occurs when there are users with duplicate attribute values in the on-premises domain and are part of the group being sync'd to Azure AD. For example, you can have the same SMTP/Proxy address configured for 2 users in local AD, but when you sync those users to Azure AD, you will encounter a Dn-Attribute-failure
error for all the AD Security Group user is part of.
To resolve this error, you need to correct the duplicate attributes in your on-premises AD all the users who are part of the affected group. After making the changes in your local AD, run Start-ADSyncSyncCycle -PolicyType Initial
to run a full sync cycle.
Read more: End-to-end troubleshooting of Azure AD Connect objects and attributes
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.