I had a value in one of my extensionAttributes in AD populated with a data I needed to leverage in Azure AD dynamic groups. The specific attribute was extensionAttribute5. Without doing anything else this attribute is replicated to Azure AD and can be used as part of a dynamic group. For example I created a rule:
(user.extensionAttribute5 -contains "Chief Technical Architect")
However I was unable to see this value by looking at users through PowerShell AzureAD module. They are visible through the Exchange Online PowerShell environment however I wanted to leverage Azure AD PowerShell. I therefore added the attributes as part of the Azure AD Connect replication. Note I also add one of the msDS-cloudExtensionAttributes to show another attribute available) :
Once replicated you are now able to view the values as shown:
PS Azure:> Get-AzureADUser -ObjectId johnsav@onemtc.net | Select-Object -ExpandProperty ExtensionProperty Key Value --- ----- odata.metadata https://graph.windows.net/32dc2feb-7fd6bf/$… odata.type Microsoft.DirectoryServices.User createdDateTime 9/26/16 6:32:37 PM employeeId userIdentities [] userState userStateChangedOn extension_391c602828_msDS_cloudExtensionAttribute1 Chief Technical Architect extension_391c602828_extensionAttribute5 Chief Technical Architect
If you need a specific value then reference by it’s full name that is shown above (note your name will be different), for example:
