Microsoft Entra ID (formerly Azure AD) Synchronization With Address Groups
If you use Office 365, you can manage your address group-based policies more efficiently by syncing Cloud Email Protection Address Groups with your Microsoft Entra ID (formerly Azure AD) groups. Cloud Email Protection will automatically pull the members from your Microsoft Entra ID (formerly Azure AD) groups into a synchronized Cloud Email Protection address group so that you no longer have to worry about manual updates.
There are several different types of Microsoft Entra ID (formerly Azure AD) groups that you can create:
- Office 365
- Distribution list
- Mail-enabled security
- Security
Fortra Cloud Email Protection can synchronize will all of these Microsoft Entra ID (formerly Azure AD) group types. However, synchronization with nested Azure AD groups is not currently supported.
To learn about how address groups are used in policies, see Policies.
Notifications of Microsoft Entra ID (formerly Azure AD) group sync failures
After setting up synchronized address groups it is recommended that you sign up for system notifications about failures to of the regular sync jobs.
- Go to Manage > System Notifications.
- Click Configure.
- Scroll down to the Policies section and select the Azure AD sync fails to sync an Address Group within a day check box.
- Click Save.
See System Notifications for more information.
Skipped Addresses
When Cloud Email Protection synchronizes with an Microsoft Entra ID (formerly Azure AD) address group that contains any entry with a missing first name, last name, or email address, those entries will not be included in the address group. Instead, Cloud Email Protection will add a Skipped Addresses section to the address group and list those entries in that section.