Share via

query correction

Rising Flight 6,456 Reputation points
2023-12-19T14:38:30.7433333+00:00

Hi All

I want to create a dynamic unified group. i have the below requirement. i want to pull all the users from a specific department from EMEA Region with job codes, excluding the country abc(but i want to add one user john who belongs to country abc, this country abc is in EMEA)

extensionAttribute1-->EMEA (Data is synced from onprem to Azure)

externsionAttribute2-->JobCodes (Data is synced from onprem to Azure)

will the below query work for me.( i am using employee id of john not sure will john gets added)

From the Azure AD-Groups-Properties-->Membership Type: Dynamic user--Add dynamic query

(user.accountEnabled -eq true) and ((user.department -startsWith "123") or (user.department -startsWith "124") or (user.employeeId -eq "98765")) and (user.extensionAttribute1 -contains "EMEA") and (user.country -ne "abc") and ((user.extensionAttribute2 -eq "A1") or (user.extensionAttribute2 -eq "A2"))
Exchange Online
Exchange Online

A cloud-based service included in Microsoft 365, delivering scalable messaging and collaboration features with simplified management and automatic updates.

Exchange | Exchange Server | Management
Exchange | Exchange Server | Management

The administration and maintenance of Microsoft Exchange Server to ensure secure, reliable, and efficient email and collaboration services across an organization.

Exchange | Hybrid management
Exchange | Hybrid management

The administration of a hybrid deployment that connects on-premises Exchange Server with Exchange Online, enabling seamless integration and centralized control.

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments
Answer accepted by question author
  1. Akhilesh Vallamkonda 15,350 Reputation points Moderator
    2023-12-20T13:03:28.03+00:00

    Hi @Rising Flight

    Thank you for posting your query on Q&A.
    I understand that you are looking to create dynamic group in Azure AD with users from specific departments in the EMEA region, excluding a specific country (abc), but including a specific user (John) from that excluded country.

    The query you have written is may does not work, because it uses the -startsWith operator for department, which will match any department that begins with 123 or 124, also you have used the -contains operator for extensionAttribute1, which will match any value that contains EMEA.
    In your case to achieve your ask I would suggest you try with the below expression.

     (user.accountEnabled -eq true) and  (user.extensionAttribute1 -eq "EMEA") and  (   (user.department -eq "123" or user.department -eq "124") and    (user.extensionAttribute2 -eq "A1" or user.extensionAttribute2 -eq "A2") and    (user.country -ne "abc" or (user.country -eq "abc" and user.employeeId -eq "98765")) )

    The above expression pull all the users from department 123 or 124, with job codes A1 or A2, from EMEA region, excluding the country abc, except for the user John who has the employee ID 98765.
    I hope this answer helps! If you have any further questions, please feel free to ask.

    Thanks,
    Akhilesh.
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.