Can ISC Manage Organizational Units in Azure AD/Entra ID?

Identity Security Cloud (ISC) ISC Discussion and Questions
, , , ,
1

Hi everyone :waving_hand:

I’m working on an integration between Identity Security Cloud (ISC) and Microsoft Azure AD (Entra ID) and I have a question regarding the management of Organizational Units (OUs).

I understand that Azure AD/Entra ID does not have OUs in the same sense as Active Directory On-Premises, where the distinguishedName attribute clearly defines the organizational unit of an object.

However, I’ve noticed that in Entra ID there are concepts and attributes that might work in a similar way, such as:

  • department

  • companyName

  • onPremisesDistinguishedName (when synced via AD Connect)

  • Administrative Units (AUs)

My questions are:
:backhand_index_pointing_right: Is there any way to manage or “move” an identity between these “logical organizational units” directly through the Azure AD connector in ISC?
:backhand_index_pointing_right: If so, should this be done via identity attributes (e.g., mapping department or another field), or would it be possible to handle it directly through a provisioning policy?

I’d like to confirm if anyone in the community has faced a similar scenario and what the best practice is to reflect “organizational structure” changes in Entra ID through Identity Security Cloud.

Thanks in advance for your support! :rocket:

2

Hi,

Yes you can basically you will need to update the department and it will be more of an Attribute sync which you need to configure for Azure

3

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.