Joseph Lee

A full-stack engineering mindset

Create AADC Sync rules

August 14, 2024 less than 1 minute read

Summary

In the case of integration for global branches, preferred data location and usage location should be configured to optimise their services.

However, regarding the functional level of the DC, there is no value in the user properites. To go through this, we can use msCloudExtensionAttribue.

1. Ref

https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-sync-feature-preferreddatalocation

2. Preparation

Enroll DC to the AADC application and Add Directory extensions

3. Create Rule

You should stop the sync cyle before proceed the task below

Set-ADSyncScheduler -SyncCycleEnabled $false

Inbound

Run Synchronisation Rules Editor
Add New rule
Set value

So you just do the same job on the usage location.

Outbound

[Note] You don’t need to create out bound rule for each Domain. But you have to create it as many as the attribues.

Change direction to Outbound
Set value as:

4. Sync Enabled

Set-ADSyncScheduler -SyncCycleEnabled $True
Start-ADSyncCyle -PolicyType Initial

Leave a comment

You may also enjoy

Understanding PKI and Digital Certificates

May 2, 2026 8 minute read

Overview

Understanding Digital Signing

May 2, 2026 4 minute read

0. Overview You’ve probably seen a message like “This software is from a trusted publisher” — or the opposite, a Windows Defender warning that says “This fil...

ADFS Deep-Dive

May 2, 2026 1 minute read

0. Overview This post is just a introduce the techcommunity post from Microsoft. Please refer the link below: https://techcommunity.microsoft.com/blog/cor...

MacOS Entra joined with PSSO

April 25, 2026 4 minute read

0. Overview In this post, we will learn how to make the mac device “Microsoft Entra joined” The result would be like: