Rule description
This rule queries Active Directory expired users and return a list of matching Office 365 Hybrid Accounts with account sign-on status (enabled/disabled).
When to use this rule
Use this rule if you want to get the report about Active Directory expired users and matching Office 365 Hybrid Accounts with account sign-on status (enabled/disabled) to take action on them.
Rule Settings
Query Section
Setting name | Description |
---|---|
Limit AD scope to this domain or OU |
This setting defines the search query scope. To improve query performance, limit the scope to specific OU. Important: To test rule configuration, limit the rule scope to an OU that contains test accounts or objects.
|
Account status |
Filter Office 365 accounts by their status. |
Query filters |
|
AD Filter |
To hide unwanted data based on criteria, not supported by Active Directory query, set the filtering conditions here. Example: filter by the found object Distinguished Name. Tip: For optimal performance, use Query criteria above to filter objects whenever possible.
|
Office 365 filter
|
The filter hides unwanted data returned by the query. You can select one of the predefined filters or set your filter. |
Display Name/email starts with Filter by Title Filter by Department Filter by City Filter by State Filter by Country Filter by Usage Location Filter by TenantID Filter by Domain |
You can filter data by different attributes. |
More Options |
|
Properties to Display
|
To display additional properties for each object found by the query, add those properties to the list.
|
Sort by | Sort result objects list. |
Output Section
This section defines the output format of this rule.
To get more information about this section, please see the Output section article.
Enforce/Schedule section
This section defines the schedule for how often to run the rule.
To get more information about this section, please see the Enforce/Schedule section article.
Change History
Version | Notes |
---|---|
9.1.0 | Domain Controller and Credentials settings have been removed. |
7.3.0 | The rule supports mapping between Active Directory user account and Cloud user account by anchor attributes. |
Comments
0 comments
Please sign in to leave a comment.