Skip to main content
All CollectionsMicrosoft 365Manage administrators and usersManage users
How to import users from EntraID using Dynamic distribution Groups
How to import users from EntraID using Dynamic distribution Groups
Updated over a week ago

Overview :

AzureAD user deployment method in Druva provides you an option of importing users from your Microsoft EntraID ( Formerly known as Azure AD ) using a Dynamic distribution group.

You can create attribute-based rules to enable dynamic membership for a group in Microsoft Entra ID. Dynamic group membership adds and removes group members automatically using membership rules based on member attributes.

Step 1: To create a group membership rule

You can use rules to determine group membership based on user or device properties In Microsoft Entra ID, part of Microsoft Entra.

To create a group membership rule in Microsoft EntraID

  1. Sign in to the Microsoft Entra admin center as at least a Groups Administrator.

  2. Select Microsoft Entra ID.> Groups.

  3. Click on All groups, and select New group.

  4. On the Group page, enter a name and description for the new group. Select a Membership type for either users or devices, and then select Add dynamic query. The rule builder supports up to five expressions. To add more than five expressions, you must use the text box.

  5. To see the custom extension properties available for your membership query:

    1. Select Get custom extension properties

    2. Enter the application ID, and then select Refresh properties.

  6. After creating the rule, select Save.

  7. Select Create on the New group page to create the group.

If the rule you entered isn't valid, an explanation of why the rule couldn't be processed is displayed in a notification in the portal. Read it carefully to understand how to fix the rule.

Reference : Create or edit a dynamic group and get status - Microsoft Entra ID | Microsoft Learn

Step 2: Create Mapping in Druva based on the Dynamic Group created in Step:1

Before you begin, ensure that inSync is authorized and configured to access Microsoft 365. See, Configure inSync for Microsoft 365.

  1. On the Druva Management Console menu bar, click Users > User Provisioning.

  2. On the User Provisioning page, click Use Azure AD to use Azure AD mappings to import and manage users.

  3. On the confirmation dialog box that appears, read the message and click Confirm. You will be redirected to the Azure AD page. Now, you can create Azure AD mapping to import users.

  4. On the Azure AD provisioning page, click New Mapping.
    In the Mapping Configuration tab specify the following:

  • Mapping Name - Specify a name for the Azure AD Integration mapping.

  • Filter Users by

  • Groups

  1. Now you can search for the Dynamic distribution group which is created in Step-1

  2. Click Next.

  3. In the Backup Configuration tab, specify the following details:

    1. Assign Storage - Storage on which the user data should be saved

    2. Assign Profile - Profile to which the users should be assigned

    3. Default Quota - Default storage quota per user. Enter 0 for unlimited storage.

    4. Send activation email to newly added users - Select if you want to send an invitation email to all the newly added users.​

8. Click Finish. ​Azure AD mapping is created and listed on the, Azure AD listing page

Reference : Create Azure AD mapping for user provisioning | Druva | Documentation

Related Articles
User with missing membership type in Azure AD do not get imported to Druva inSync via Azure AD Group Mapping
How to backup only those users who have an employee ID in Azure AD
Manage Users from Microsoft Azure Active Directory using SCIM
User provisioning using Azure Directory(AD)
Azure AD user deployment FAQs
Did this answer your question?