What’s an AAD device extension attribute?

Active Directory, Automation, Azure AD, Intune 1 Minute

Hi again

If you get to this post I’d like to share why AAD device extension attributes is important in AAD / M365 and Intune Architecture

  • HAADJ limitation around device extension attributes
    • check this link
      • The extensionAttributes property of the device entity is managed only in Azure AD during device creation or update.
  • AADJ device extension attributes
    • leverage AADJ device extension attributes to give us better device management when it comes to AAD (device, administrative unit, group membership, and so on).
  • Automation is relevant
    • for those who have any automation in place the more you standardize users and devices all over your business the better
      • locationID
      • Organizational Units (ADDS)
      • Security Groups
      • ExtensionAttributes

All my research started with this post, from Tony Redmond and this by Vasil Michev

Reference

https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-schema-extensions

https://learn.microsoft.com/en-us/powershell/azure/active-directory/using-extension-attributes-sample?view=azureadps-2.0

Screenshot

Cheers,

Thiago Beier
Toronto, Canada

Published by Thiago Beier

IT Solutions Architect

Published

One thought on “What’s an AAD device extension attribute?

  1. Pingback: Intune Newsletter - 28th April 2023 - Andrew Taylor

Comments are closed.