Here are a few options which you can use to filter objects from Active Directory when using Directory Integration with Azure MFA. The Azure on-premises MFA server supports standard LDAP filter. You can this filter in Directory Integration –> Synchronization –> User Filter:
For example,
if you want to filter or include users based on a group membership, you can use the memberOf attribute with distributedName of the security group as shown below:
(memberof=CN=MFASync,OU=Groups,DC=labanddemo,DC=com)
If you want filter or include users based on an attribute value, you can use (attributename=value) format as shown below:
(department=IT)
You can also use standard logical operator to combine your filter statement:
(|(memberof=CN=MFASync,OU=Groups,DC=labanddemo,DC=com)(department=IT))
2 comments:
Does the Active Directory synchronization overwrite information that is inputted through the User Portal? ie. A client who has no versatile number in AD puts their essential number into Azure MFA Server by means of the User Portal. Afterward, the versatile property field is filled in AD with an alternate number.best essay writing service
Hey! navigate here if you need your essay to be written in MLA
Post a Comment