Microsoft Entra
A group of Microsoft multicloud identity and access solutions.
2,575 questions
Azure AD Group Writeback Ignores 'Group writeback state' Setting. Writes Back as Distribution 'groupType' regardless of 'OnPremisesGroupType'
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 38%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Matt
0
Reputation points
Group writeback is configured in the environment and groups are writing back as expected, however, the local 'groupType' attribute is writing back as a Distribution Group regardless of the group writeback state configured in Azure options of 'Security/Mail enabled security/Distribution'. When I run "(Get-MgBetaGroup -groupid $groupID).WritebackConfiguration" this returns the expected attributes showing configured correctly: IsEnabled:True OnPremisesGroupType:UniversalSecurityGroup This is happening for all groups existing and newly created. As per learn.microsoft for 'update-mgbetagroup' this can happen 'If isEnabled or the NewUnifiedGroupWritebackDefault group setting is true but this property isn't explicitly configured: Microsoft 365 groups are written back as universalDistributionGroup by defaultSecurity groups are written back as universalSecurityGroup by default' ...however, the property is explicitly configured as 'universalSecurityGroup'
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
24,961 questions
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAV%3C/text%3E%3C/svg%3E)
Akhilesh Vallamkonda 15,310 Reputation points Microsoft External Staff Moderator2024-02-23T16:59:11.11+00:00 -
Matt 0 Reputation points
2024-02-26T04:38:53.8333333+00:00 I think over a few days I've figured out the issue here. Due to Microsoft's ridiculous, constant name, feature and product changes the majority of their documentation is irrelevant and has been superseded. Between Unified Group Writeback, GroupWriteBackV2, Azure AD Connect, Microsoft Entra Connect, Entra Connect Sync, Entra Cloud Sync... I found that what I was trying to do had been depreciated, superseded and migrated to another product.
As of writing, this is currently the only working method for group writeback https://learn.microsoft.com/en-us/entra/identity/hybrid/cloud-sync/how-to-configure-entra-to-active-directory
-
Akhilesh Vallamkonda 15,310 Reputation points Microsoft External Staff Moderator
2024-02-28T12:03:16.7833333+00:00 Hi @Matt
I am sorry about the feature is depreciated thank you so much for your research. However, you can share the feedback on our feedback recovery of access review which is closely monitored by our product team.
Sign in to comment
Sign in to answer