Page Comparison

...

1. First, in the Comma separated roles to be synced provide an AAD Specific roles list, if you want only users of certain roles on AAD to get synced. e.g. If you want to sync all Azure AD users leave this box empty. If you only want all users which are having Global administrator & Global reader roles your configuration will look like as follows:

   Image RemovedImage Added

   Note: If any roles are provided, the Sync All Accounts? (Yes/No) value will be considered No, even if you say Yes

2. Second, Is this a directory? (Yes/No) if this is your organization directory then say Yes otherwise if it is a non-directory app say No, e.g. An organization that uses AAD as the directory will have the following configuration, By default, it will be No

   

3. Sync All Accounts? ( Yes/No ) filling Yes here would sync all your organization users, No will sync only users who have any roles assigned to them, User without any roles will not be synced. Default value Yes (unless roles are specified under Comma separated roles to be synced in which case this configuration will always be No

4. Finally, Sync All Groups? ( Yes/No ) will sync all groups from AAD if provided Yes otherwise only security-enabled groups are synced. Default is No

...

Step 3. The Global Administrator approves the permissions request.

...