How do I get the Windows domain FQDN that is synced to Azure AD as the On-Premises-Domain-Name?

0
votes

Azure AD users and groups synced from an on-premises AD have a field called onPremisesDomainName. The description is as follows:

Contains the on-premises domainFQDN, also called dnsDomainName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory via Azure AD Connect. Read-only.

Source: https://docs.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0

How do I get the exact value that will be written to this field by the Azure AD Sync by querying the on-premises domain controller via LDAP from Java?

1
javaactive-directoryldapazure-active-directory

1 Answers

0
votes

By default, AD connect will import the user objects from Local AD and it will be exported to Azure AD.

In AD connect, sync service account will help us to pull the changes from the local AD but not sure about querying the value only for the pariticular attribute.

You can query the object and attribute values directly on the domain controllers. Local AD uses ldap protocol to query the objects from NTDS database.

If you have any separate LDAP server, it may be possible.