There may be some cases where you would like to filter the Azure AD records for Users. Some example cases can be listed as follows:
You have a large User database but actually, you don’t need all of them.
You don’t want to synchronize inactive users.
You are using your user AD for multiple departments or companies, you would like to specify which of them needs to be synchronized.
You have a new naming convention for Azure AD groups and you want to sync only the new and nicely organized groups.
… you may have many more reasons to filter the data from your Azure AD.
Now, you have the chance to add a filter for your Users and Groups under the Admin tab.
The filters need to be formatted according to Microsoft Graph API requirements. You may find some examples below. Please refer to Microsoft Graph API documentation for more details.
Description | Filter |
---|---|
Import only the active users. | accountEnabled eq true |
Import the users based in London city. | city eq 'London' |
Import users in a country. | country eq 'Ecuador' |
Import users of two countries. | country eq 'Ecuador' or country eq 'India' |
Import users of multiple countries. | country in ('Ecuador', 'India', 'Germany') |
Import users which are having userType as Member | userType eq 'Member' |
Import only Engineering department | department eq 'Engineering' |
Note: When using the in operator, the request is limited to 15 expressions in the filter clause. More information.
It is not possible to filter according to all the attributes or use all the filter operators. The following examples will not work with the filters due to the limitations of Microsoft Graph API. More information.
Description | Filter |
---|---|
Only the users having the organization's email address. | endsWith(mail,'@organization.com') |
Users having an email address. | NOT(mail eq null) |
Another way to filter users having an email address. | mail ne null |
Import only if the users have a company name that is not Microsoft. | companyName ne null and NOT(companyName eq 'Microsoft') |
Do not import the users starting with Conf. | NOT startsWith(displayName, 'Conf') |
Do not import the users having user type as Guest | not(userType in ('Guest')) |