Why would one Sync onPrem AD groups

Question

I was looking at the sync scope for our AD connect server and see we are synching all our security and distribution groups and they show in Azure AD as well

I do not see any use of these groups as such and there is alot of chnage sthat happen to groups everydays as they are used by apps / file permisisons etc.

I only use a coupleof onPrem group in Azure AD to assign licesnes for O365 and havent though of any other reason why i will need them

ANy advice fro syncging onPrem AD groups to Azure AD

Answer 1

Hi,

there are a lot of reasons for synchronizing AD Groups to O365.

The first advantage is to facilitate the management of users and groups (created/modified/deleted in one place).

• IT admin and helpdesk already have the procedure to manage users and groups in AD. So, nothing changes for them, no need to delegate them permissions in Azure AD, which is some time complicated.
• Groups that are distribution lists are present and immediately usable in O365 for Messaging Online
• Security groups can be used in Sharepoint, and some other places.
• Hybridation (Exchange, Sharepoint, Skype/Teams) can use take advantage of that.

Now, groups in Office 365 are also a necessity, and accept more possibilities (external members, opt-in,...).

Regards,

Answer 2

Hi @Kitaab-8535,

You can only sync selected groups to Azure AD.

Open the Azure AD Connect tool (Synchronization Service Manager).

Select the Connectors tab and right-click on your On-Premises domain.

Select Properties.

Select Configure Directory Partitions and Containers.

Uncheck the containers that includes groups that you don't want to sync.

Answer 3

Thanks, isee that option . i can unselct them during the sync as well.
i like to know why would someone sync onprem groups as all excpet of few they manage to assign license with

how do people do in in production