Tuesday, May 3, 2016

Azure MFA–Directory Integration Filter

Here are a few options which you can use to filter objects from Active Directory when using  Directory Integration with Azure MFA.  The Azure on-premises MFA  server supports standard LDAP filter.  You can this filter in Directory Integration –> Synchronization –> User Filter:

image

For example,

if you want to filter or include users based on a group membership, you can use the memberOf attribute with distributedName of the security group as shown below:

(memberof=CN=MFASync,OU=Groups,DC=labanddemo,DC=com)

image

If you want filter or include users based on an attribute value, you can use (attributename=value) format as shown below:

(department=IT)

image

You can also use standard logical operator to combine your filter statement:

(|(memberof=CN=MFASync,OU=Groups,DC=labanddemo,DC=com)(department=IT))

image

1 comments:

Does the Active Directory synchronization overwrite information that is inputted through the User Portal? ie. A client who has no versatile number in AD puts their essential number into Azure MFA Server by means of the User Portal. Afterward, the versatile property field is filled in AD with an alternate number.best essay writing service

Post a Comment

Popular Posts

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More