Synching Specific Attributes to Entra for User Authentication Methods Information and SSPR

rr-4098 1,766 Reputation points
2025-01-04T07:04:45.25+00:00

We are in the process to updating all user accounts onprem so we can prepopulate users authentication information in Entra as listed in the following link: https://stackoverflow.com/questions/75949643/automatic-transfer-of-users-phone-numbers-from-active-directory-on-premises-t Also has anyone tried this before? If so, did you run into any issues? The other thing we are trying to in include is the users home email address for use as a backup in self service password reset. Question 1, which attribute does the home email address map to in Entra. Secondly, while we add users personal cell and email addresses to onprem so it can synch to Entra, how can we make sure peoples personal contact information is not see by everyone?

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
5,509 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,899 questions
{count} votes

Accepted answer
  1. Harshitha Eligeti 1,370 Reputation points Microsoft Vendor
    2025-01-06T18:06:11.6766667+00:00

    Hi @rr-4098 •   
    Thank you for reaching out Microsoft Q&A.   

    Regarding your question about which attribute the home email address maps to in Entra during synchronization, you can check the specific user’s properties directly in Entra ID. If the home email address is a custom attribute created in your Active Directory schema, you will need to add a custom attribute extension while configuring Azure AD Connect. This way, the attribute will be created under the user’s properties in Entra, even if the custom attribute is being used for other purposes in your applications. 

    As for your second question about adding users' personal cell phone numbers and email addresses to your on-premises Active Directory so they can sync to Entra, unfortunately, there is currently no feature in Entra that allows you to restrict visibility of personal contact information for individual users.   
    Hope this helps. Do let us know if you have any further queries.   

    Regards, 
    Harshitha Eligeti 


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.