This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 72%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERF%3C/text%3E%3C/svg%3E)
Hi All
We are using exchange 2016 hybrid environment, we create users in onprem and migrate to online. In Azure AD I can see Office location for the users i.e it is synced from onprem to azure AD.
I want to create dynamic unified group for one office location lets say office location is abc. In abc location, some users have office location as abc and for some users office location is remote, abc. I want pull users with office location abc and abc, remote. In Azure AD for the unified group, under dynamic membership rules i want to try the below queries but i am not sure, please guide me.
(user.Office location -eq "*abc*") -or (user.Office location -eq "*abc*" and "*remote*" )
(user.Office location -contains "*abc*") -or (user.Office location -eq "*abc*" and "*remote*" )
I am only looking for key words abc ,remote, after abc or before abc, after remote or before remote it can be anything.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 74%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
Do you really mean that you want to create a unified group? Or do you want to create a Dynamic Distribution group that will allow you to send email to one group whose membership includes users from locations "abc" and "abc, remote"?
Those are two different types of groups, and a unified group can exist only in the cloud service.
i have created unified group-->In Azure AD for the group properties-->Membership type: Dynamic User-->Add dynamic query Rule Syntax-->Edit--> i have used the below syntaxes and when i click Validate Rules i am getting this error.
(user.officelocation -eq "abc") -or (user.officelocation -eq "Remote, abc")
Dynamic membership rule validation error: Unsupported property.Unsupported property 'officelocation'
(user.office -eq "abc") -or (user.office -eq "Remote, abc")
Dynamic membership rule validation error: Unsupported property.Unsupported property 'office'
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYS%3C/text%3E%3C/svg%3E)
Hi @Rising Flight ,
I'm writing to check if your issue has been resolved. If the problem is successfully resolved, you can share your solution or accept post you find helpful as answer. This can be beneficial to others who reading this thread. If you need further assistance on this, please feel free to post back. Thanks!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread.
I wanted to check in and see if you had any other questions or if you were able to resolve this issue?
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
I don't see "officelocation" or "office" in the list of acceptable property names here: https://learn.microsoft.com/en-us/entra/identity/users/groups-dynamic-membership
Hi @Rising Flight ,
I want pull users with office location abc and abc, remote.
Based on my test, office location field is corresponding to the property "physicalDeliveryOfficeName".
So, I‘d recommend using the syntax below instead:
(user.physicalDeliveryOfficeName -eq "abc") -or (user.physicalDeliveryOfficeName -eq "Remote, abc") -or (user.physicalDeliveryOfficeName -eq "abc, Remote")
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in [our documentation] to enable e-mail notifications if you want to receive the related email notification for this thread.
Thank you for posting this in Microsoft Q&A.
As Rich Matheisen mentioned, there is no "officelocation" or "office" attributes which are shown for dynamic group rules.
https://learn.microsoft.com/en-us/entra/identity/users/groups-dynamic-membership
I have checked this in my lab and when we pull the user properties from Azure AD, I found that Office location attribute is set in Azure AD as user attribute "physicalDeliveryOfficeName".
To filter users with office location you will have to use the "user.physicalDeliveryOfficeName -eq "value"" in your rule that you create.
You can use the rule as below and this should work for you,
(user.physicalDeliveryOfficeName -eq "abc") -or (user.physicalDeliveryOfficeName -eq "Remote, abc") -or (user.physicalDeliveryOfficeName -eq "abc, Remote")
Let me know if you have any further questions.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Microsoft has "simplified" in their cmdlets many property names in the AD to make it more convenient for admins. However, the attribute name in the AD for the "Office" property is physicalDeliveryOfficeName. The cmdlets just "translate" them for you. However, the Azure AD isn't the Active Directory.
Before the advent of PowerShell, writing code to manage the AD had to be done in languages like VB and Perl using ADSI and COM objects where there was no such simplification.