Let me start off with, I know that in a Hybrid environment AD edits need to be done on-prem. However, I have a special case that I can't for the life of me figure out.

I have a user that somehow managed to get their personal cellphone information on the 365 AD but not on the on-prem AD.

We do not seem to be having any sync issues: new accounts create & sync with no issue, and edits to users done in the on-prem AD sync to the cloud AD with no issue.

With the exception of this single user, who has managed to get their personal cellphone listed in our AD contact information. When I go to AD to edit it, everything is greyed out completely, and as I said, it isn't in the on-prem information at all.

I have seen a solution online that I don't like, due to the large impact it would have overall on operations; that solution was to disable syncing between 365 AAD and our on-prem.

Does anyone have an alternative solution? Some way to unlock editing in 365 AAD?

  • Has the user enabled MFA? The phone number information can enter AAD by being used as an authentication factor. – Massimo May 05 '23 at 13:16
  • Hi, is it an important user? As, if it is only for one user, I would do a backup of his data and erase the AAD account, to make a resync after. I have seen something similar, as an admin edited in AAD by error and didn't tell anyone after – yagmoth555 May 05 '23 at 13:53
  • Massimo: All users are MFA enforced; this is the only user with this issue. yagmoth555: The user isn't particularly important, and we could go that route, but it seems excessive. The major issue is that the company uses an Exchange rule to attach a standardized signature with legal disclaimer. This information pulls our phone numbers; some people in the company need to have their cell phone listed, but this employee doesn't want or need it. – Christopher J. Joubert May 05 '23 at 17:55

0 Answers