question

SeanChestnut-7590 avatar image
0 Votes"
SeanChestnut-7590 asked MikkoNissinen-0217 published

What happened to Alias writeback from AzureAD to Onsite AD?

So, I've been working with ADSync for awhile now and took a little bit of a hiatus from the field, but upon returning it seems there are some features missing from AD Connect that used to work without issue.

First and foremost, I'm very aware that User Writeback has been removed as a feature, but in the last year I've setup at least 3 different clients wherein User Writeback would have been incredibly handy. Why was this removed? It was originally stated that it was going to be a temporary removal, do we know when we are going to see User Writeback as a feature for AD Connect again?

Second, what happened to being able to create Aliases in O365 and write the proxyAddress back to Local AD? This was a feature that was available at one point and time. I believe I have a few clients left that still have that feature available to their systems, but it seems newer setups are missing this feature even if they have exchange hybrid environments. Am I missing something key? Did I misconfigure a setting somewhere or is this no longer available due to the disabled User Writeback feature.

My concern on these topics is that I have a couple environments where the clients would like to be able to manage most things through Azure AD but also wish to maintain an on-prem environment for device management and Group Policy.

azure-active-directorywindows-active-directoryazure-ad-connectazure-ad-hybrid-identity
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered

As you mentioned, the user writeback feature that was used in the previous builds was a preview feature and was removed in 2015 due to a variety of issues with it. (I'm not sure what all of those were, but I suspect it had to do with attribute mapping and keeping the source of truth for the user attributes in one place.)

One workaround which you may have heard about is to create a PowerShell script that scans Azure AD regularly, finds the users in Azure, and then creates an on-premises user with the attributes in AAD. (There is an example of this here from Peter Stapf, if you haven't seen this yet.)

I've pushed your request to the Azure AD Connect team to see if they have an update about whether this will be supported in the future. I haven't heard of any recent plans for this, though it has been requested frequently. I will let you know what they say.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered MikkoNissinen-0217 published

Update from the product group: we are currently working to enable user writeback. There isn't an official ETA, but it's being actively worked on and should come in the near future.

Hope this helps!

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Any update about the writeback feature?

0 Votes 0 ·