Microsoft Entra Connect Rule Tool – view and understand sync rule expressions more easily
If you’ve ever looked at sync rules in Microsoft Entra Connect and tried to understand them – or even edit them – you may have found it frustrating! That’s why we have created our free-to-download Microsoft Entra Connect Rule Tool.
Note: This tool was developed before Microsoft rebranded Azure AD Connect as Microsoft Entra Connect. All the functionality is compatible with Microsoft Entra Connect, but the tool’s interface retains its original name, Azure AD Connect Rule Tool, and the associated documentation refers to Azure AD Connect.
In this video, I explain and demo the Rule Tool, and show why you need it:
What does the Microsoft Entra Connect Rule Tool enable you to do?
- Reformats text into a logical, readable format. It changes the layout using line breaks and indents so you can follow the code and understand what’s going on
- Highlights the parameters that “belong” to a function – i.e. select a bracket and see its partner highlighted
- Suggests fixes for functions and MIM properties where you have made a typo
- Keeps a list of operators (+, -, >, Or, || etcetera) and flags invalid ones
- Indents IIF command parameters are indented and function parameters (eg Left) are indented relative to their placement
- Colours are used to highlight to component type – eg Blue for commands, Green for operators, etc.
- Shows you when something is wrong
- Intelligent code completion and additional information to help you get the syntax right first time:
- Highlights parameters that “belong”. Where’s the matching bracket? Click on a parameter in the Rule Tool to reveal its partner:
- Highlights expression parameters that “belong”. Where are the IIF arguments?
The Microsoft Entra Connect Rule Tool is free to use forever! No licence required, no catches.
Why did we create the Microsoft Entra Connect Rule Tool?
Out-of-the-box, Microsoft Entra Connect’s Synchronization Rules Editor has a very small window (see below) so it’s very hard to see what’s happening.
Obviously, a ‘Copy and Paste’ into Notepad makes life a bit easier, but this is what you see:
IIF(IsPresent([isCriticalSystemObject]) || IsPresent([sAMAccountName]) = False || [sAMAccountName] = “SUPPORT_388945a0” || Left([mailNickname], 14) = “SystemMailbox{” || Left([sAMAccountName], 4) = “AAD_” || (Left([mailNickname], 4) = “CAS_” && (InStr([mailNickname], “}”) > 0)) || (Left([sAMAccountName], 4) = “CAS_” && (InStr([sAMAccountName], “}”) > 0)) || Left([sAMAccountName], 5) = “MSOL_” || CBool(IIF(IsPresent([msExchRecipientTypeDetails]) ,BitAnd([msExchRecipientTypeDetails],&H21C07000) > 0 ,NULL)) || CBool(InStr(DNComponent(CRef([dn]),1),”\\0ACNF:”)>0), True, NULL)
Users have come to expect a high level of sophistication when viewing or editing syntax, and for this reason, we have created the Microsoft Entra Connect Rule Tool, which includes color-coding, syntax checking, and intelligent code completion (like Microsoft’s Intellisense):
The image above shows an expression displayed in the Rule Tool – it is part of a key rule that you may have seen when you explored the rules that were created during your installation process. It’s the one provided in the inbound rule called “In from AD – User Join”, and defines the Transformation expression for the cloudFiltered Target attribute. The rule is complex and contains many hard-coded constants. We are sure you will find understanding and editing this far easier in the Rule Tool!
Microsoft Entra Connect Training
Learn how to make the most of Microsoft Entra Connect in our Masterclass, instructor-led via Teams in 3 days. It’s the only comprehensive, structured training course for this complex and powerful technology.