I've got users and devices successfully syncing, but the security groups just won't show up. I've ensured that all Organizational Units (OUs) are set to sync in the Entra Connect configuration, and I've added my Active Directory Connect group to the Security Groups section. Any advice on why this might be happening? I've tried the usual troubleshooting steps, but it's time to reach out to the experts!
3 Answers
I've encountered this too! Make sure the groups are set as universal and not domain local, as that can often trip people up. Also, check if they’re mail-enabled or hidden due to filtering rules. The AD Connect logs can give you some valuable insights if you examine them closely.
Make sure you double-check the prerequisites for security groups syncing. There are specific types of groups that don't sync, like built-in or primary groups. Have a look at Microsoft's documentation if you haven’t already. It might provide some clarity.
Check that the groups are universal and mail-disabled. Also, confirm that no group filtering settings are enabled, and consider forcing a full sync. Sometimes groups can be skipped if they're empty or if there's a strange nesting issue.
Thanks for the heads up! I think the group might actually be set as domain local, so I'll definitely check that out.