Good Afternoon.
Hope you're well. Wanted to ask a quick question with regard to filtering in Azure AD Connect. We have an account domain, which contains Active Directory accounts, and a resource domain, which contains Exchange mailboxes (linked). When setting up AD Connect we were able to add the two domains, and set the sync to identify users based on ObjectSID and MSExchangeMasterAccountSID.
Everything has appeared to work OK; however, currently if a mailbox exists in the resource domain, with the corresponding account having been moved to an OU that is not syncing, an account gets created in Azure for that object. Ideally we would want to say that if there is no link between accounts on the resource domain and account domain, please ignore.
Any assistance would be appreciated.