AAD Sync

more later…

Required AD attributes Summary

So, when making a new AD user account to sync with Office 365, the required attributes, as mentioned above, are ‘First name’, ‘Last name’, ‘mailnickname’, ‘userPrincipalName’, ‘mail’, the Primary SMTP under ‘proxyAddresses’, a unique ‘displayName’, ‘preferredLanguage’, and the ‘c’ and ‘co’ attributes. The ‘mail’ attribute should be the same as the Primary SMTP, and the ‘userPrincipalName’ domain should not be local.

For mail-enabled groups, the required minimum attributes are ‘Description’, ‘name’, ‘mail’, ‘mailnickname’, the Primary SMTP under ‘proxyAddresses’, and a unique ‘displayName’. The ‘mail’ attribute should be the same as the Primary SMTP, and in most cases the ‘Group Type’ should be Distribution.

*Adding ‘Managed By’ and ‘Members’ is also recommended, but these two values aren’t required for initial replication.*


When using Yammer, the UPN, the ‘mail’ attribute and the Primary SMTP must all match. If they don’t, the user will have login issues with Yammer.
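A pre-sync check for the user attributes and the Yammer matching rule described above, as an added example that is not part of the original post. The function name `Test-SyncReadiness` and the sample accounts are constructed for illustration, and "not local" is assumed to mean a UPN suffix that does not end in `.local`.

```powershell
# Added example: function name and sample accounts are constructed.
function Test-SyncReadiness {
    param([Parameter(Mandatory)] [object[]] $Users, [switch] $Yammer)
    # LDAP names: givenName = 'First name', sn = 'Last name'
    $required = 'givenName','sn','mailNickname','userPrincipalName','mail',
                'displayName','preferredLanguage','c','co'
    # displayName values that occur more than once in the set
    $dupNames = @($Users | Where-Object displayName | Group-Object displayName |
                  Where-Object Count -gt 1 | ForEach-Object Name)
    foreach ($u in $Users) {
        $issues = @()
        foreach ($attr in $required) {
            if ([string]::IsNullOrWhiteSpace($u.$attr)) { $issues += "missing $attr" }
        }
        # Primary SMTP = the proxyAddresses entry with the upper-case 'SMTP:' prefix
        $primary = @($u.proxyAddresses | Where-Object { $_ -clike 'SMTP:*' })
        if ($primary.Count -ne 1) {
            $issues += "expected 1 primary SMTP, found $($primary.Count)"
        } elseif ($primary[0].Substring(5) -ne $u.mail) {
            $issues += 'mail differs from primary SMTP'
        }
        # Assumption: "local" means a UPN suffix ending in .local
        if ($u.userPrincipalName -like '*.local') { $issues += 'UPN suffix is .local' }
        if ($u.displayName -and $dupNames -contains $u.displayName) {
            $issues += 'displayName is not unique'
        }
        # Yammer: UPN, mail and primary SMTP must all match
        if ($Yammer -and $u.userPrincipalName -ne $u.mail) {
            $issues += 'UPN differs from mail (Yammer sign-in)'
        }
        [pscustomobject]@{
            User   = $u.userPrincipalName
            Ready  = ($issues.Count -eq 0)
            Issues = $issues -join '; '
        }
    }
}

# Constructed sample accounts (not real data)
$sample = @(
    [pscustomobject]@{ givenName='Ana'; sn='Diaz'; mailNickname='adiaz'; displayName='Ana Diaz'
        userPrincipalName='adiaz@example.com'; mail='adiaz@example.com'
        proxyAddresses=@('SMTP:adiaz@example.com','smtp:ana@example.com')
        preferredLanguage='en-US'; c='US'; co='United States' },
    [pscustomobject]@{ givenName='Bo'; sn='Lee'; mailNickname='blee'; displayName='Bo Lee'
        userPrincipalName='blee@corp.local'; mail='bo.lee@example.com'
        proxyAddresses=@('smtp:bo.lee@example.com'); c='US'; co='United States' }
)
Test-SyncReadiness -Users $sample -Yammer | Format-List
```

Against a live directory, the same function accepts the objects returned by `Get-ADUser` when `-Properties` lists the attributes in `$required` plus `proxyAddresses`.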

MDM and Intune

Microsoft launched MDM management earlier this year. But what if you want to use both MDM and Intune? Now they can both exist on your Office 365 tenant. I have been running this since late August on my test tenant. The advantage: you are setting up two SOAs (sources of authority), doing half the work per se, but it is an easy way to bypass making exceptions for users who are still using ActiveSync connections while other users or admins want to manage their users with Intune.