In this basic post, I’ll show you how to enable Microsoft Entra ID group sync in SCCM. This option can be turned on via Azure Cloud Services properties in Configuration Manager.
When you configure Azure services for cloud management, the service enables the site and clients to authenticate by using Microsoft Entra ID. Microsoft Entra synchronization also necessitates the configuration of Entra user discovery and a management point enabled with HTTPS or Enhanced HTTP.
It is completely possible to sync the collection memberships to a Microsoft Entra group. This synchronization allows you to use your existing on-premises grouping rules in the cloud by creating Microsoft Entra group memberships based on collection membership results. I will cover more about this in another post.
Note: Before you turn on Entra group sync in Configuration Manager, make sure you haven’t disabled Entra authentication for your tenant. That’s because it prevents client registration using Entra ID Authentication.
Enable Microsoft Entra ID Group Sync in SCCM
In the Configuration Manager console, go to the Administration > Cloud Services, and select the Azure Services node. Right-click the cloud management service for the Microsoft Entra tenant and select Properties.
Switch to the Collection Synchronization tab, and select the option to Enable Microsoft Entra ID Group Sync. Select OK to save the setting.
Great article that explains a lot about connection configuration.
However, in my environment, I’m having a problem where I can’t view the properties in the “Azure Service” tab. I can see the connection, but I can’t access its properties.