Best way to integrate Azure AD Groups & Group Members with on Prem AD Groups

elaine10
Tera Guru

Hello-

I am hitting a wall on figuring out the best way to do this, so I would love to hear from others who have figured it out. We have been syncing groups to the sys_user_group (Groups) table from on-prem AD via LDAP sync for many years. I have been tasked with the requirement to sync groups data (and group members) from Azure AD into the sys_user_group table. We have integrated Azure AD via the Integration Hub spoke and I can see that we have populated group and user data from there.

What is the best way to get the groups from Azure AD into the sys_user_group table? Would it be a scheduled transform from one table to the other? Is there a cleaner way to do this and keep the data in sync between Azure AD, on-prem AD, and ServiceNow? I am having issues finding any up-to-date articles on the topic. TIA!

1 REPLY

Ashby0003
Tera Guru

I'm having this same issue.

Microsoft does have group provisioning within Azure, but when I tried to set it up, Microsoft said it would take months to 'sync' due to the number of groups.

I'm thinking if done through Integration Hub, it would use a massive amount of calls.