× Welcome to the Centrify Community! Looking for Express & Smart Card Help? Click Here

AD group is not synced to O365

Showing results for 
Search instead for 
Do you mean 
Reply
Participant III
Posts: 37
Registered: ‎04-06-2016
#1 of 3 281

AD group is not synced to O365

Hello Centrify experts,

  

We use AD groups to provide O365 licenses to our users. I mean that in Centrify Admin Portal – Roles – Office 365 – Members page I put an AD group, not individual users. It usually works fine but yesterday I got strange issue with this. Some users were unable to login to their O365 apps. O365 portal shows those users as ‘unlicensed’… Looks like AD group is not synced to O365 anymore. I have quickly fixed it by manually adding individual users to Centrify Admin Portal – Roles – Office 365 – Members page.

 

How can I troubleshoot this issue?

 

Thanks for your help.

Centrify Advisor II
Posts: 55
Registered: ‎09-08-2015
#2 of 3 249

Re: AD group is not synced to O365

 Hello @Unisys and welcome back to the Centrify Community...

 

We recently implemented a change which prevents use of Domain local or Distribution groups for Role use. Could it be the group you are using is a Domain local? This would have continued to work, if so, despite us no longer allowing these type of groups to be selected when chosing to add as a member to the role, up until a few days ago.

 

Please check the group you are referring to and if a domain local or a distribution group, please convert it. 

 

This KB not only explains the changes, why and when they were made, but also how to correct it. 

 

https://centrify.force.com/support/Article/KB-6906-How-to-convert-a-distribution-group-to-a-security...

 

Please let me know if this does not help, and we may need to dig deeper (perhaps open a Support case if possible?)

 

I hope this is a qucik fix for you.

 

Have a great weekend!!

 

Ryan V. 

Highlighted
Participant III
Posts: 37
Registered: ‎04-06-2016
#3 of 3 236

Re: AD group is not synced to O365

Ryan, 

 

thank you for your reply.

 

My group is scope is 'global' ans type is 'security'. It should not be affected by that change.

 

Any other idea?