Azure User Accounts

Hi Team. 

Looking for some advice , suggestions , real-world knowledge. 

Currently we are setup as Hybrid joined. We sync our onPrem user accounts up to Azure via AD Connect and we also back sync Azure in to Active Roles. This is all working fine for managing onPrem users. Cloud user types is something new for us to work with in ARS

We have some Azure cloud-based accounts that I would like to manage through Active Roles so that we are not using two locations to do Administration. Now in Active Roles I am unable to search for any Cloud based accounts but I can create a Managed Unit and add accounts there. I can then browse the MU structure and see said account and open the properties of them. 

Do virtual attributes work with Azure accounts in Active Roles? I did create a boolean VA and assigned it to the EDS-Azure-User class hoping I could use that to populate the membership of the MU. Nothing returned. 

Am I missing something with managing Azure accounts in ARS? 

Thanks in advance 

  • Could this be an Access Template delegation visibility configuration, where the user searching for Entra ID objects can't see them? Assuming any and all Entra ID operations are going through the web interface (because the MMC does offer very limited viewing of Entra ID objects such as in the configuration of Managed Units), there is a 'Customization \ Global Settings' option labeled 'Enable Quick Search in Azure' for controlling the Quick Search functionality. Verify that this is enabled. Also check and verify that under 'Directory Management \ Azure \ <Azure tenant> \ Azure Users' the Azure cloud-only object can be seen here as well by browsing all Azure users.

  • Thanks, Richard. I will investigate this; Support thinks it could be a product defect. Waiting for them to confirm