Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft Releases New Azure AD Group Writeback Updates

Microsoft has recently announced some important updates for Azure AD Connect Group Writeback. This release enables organizations to write back Microsoft 365 groups (assigned & dynamic) to their on-premises Active Directory as a security group, mail-enabled security group, or distribution list.

For those unfamiliar, Group Writeback is a useful tool that enables IT Pros to use the Azure AD Connect Sync client for synchronizing cloud groups with on-premises environments. It makes it easier to manage cloud groups as well as control access to on-premises resources and apps.

Up until now, the Group Writeback feature only allowed IT admins to write Microsoft 365 groups as universal distribution groups.to on-premises Active Directory. It was primarily used for keeping Exchange Online Address Lists and Address Books up to date. However, this is about to change now.

“With this public preview, we’ve expanded what groups can be written back, added the ability to manage groups for writeback in MS Graph and the Azure Admin Portal, and added a feature in Azure AD Connect to make it easier to find your groups on-prem,” Microsoft explained.

Azure AD Connect adds new group writeback features

Microsoft has also made it possible to write Azure Active Directory (AD) security groups (assigned and dynamic) as a security group. Furthermore, customers can decide for each group whether it should be written back into the on-premises environment.

It is important to note that the new Group Writeback enhancements are available tenant-wide, rather than per Azure Active Directory Connect server. Additionally, IT admins will need to install Azure AD Connect version (2.0.89.0) or later to get the latest update. If you haven’t done it yet, you can check out this support document to enable the feature.

Microsoft says that older Azure AD Connect builds lack support for the new version of Group Writeback. If the previous Group Writeback experience is already enabled in your tenant, Azure AD Connect will continue to write back all Microsoft 365 groups as Distribution lists (without Azure AD security groups).

by Rabia Noureen
Jul 14, 2022

Rabia comes from a solid IT background and has been writing professionally about Microsoft products and other technology for four years. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on the latest trends in...

How to Properly Secure and Govern Microsoft Entra ID Apps

Oct 19, 2023
Apr 17, 2024
Microsoft Entra ID App Registration and Enterprise App Security Explained

Oct 19, 2023
Apr 17, 2024
How to Use Microsoft 365 Dynamic Groups to Streamline Access Management

Jul 5, 2023
Jul 13, 2023

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.