AD Connector - Office 365

We are using Office 365 and us AD Connector to sync our on-premises Active Directory with O365.

We do NOT disable accounts, we just set the Logon Hours equal to NEVER.

What do I have to do in AD Connector to not sync users whose 'Logon Hours is set to NEVER.
I do not want to sync this option.

Thanks
zero000koolAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Vasil Michev (MVP)Commented:
Check the guide I have here: http://www.michev.info/Blog/Post/62/How-to-prevent-disabled-accounts-from-syncing-to-Azure-AD-when-using-AADSync

On the Scope filter step, use the logonHours attribute instead of userAccountControl, and use the ISNOTNULL condition. Or use an actual proper filter that will check the value of logonHours (my example simply checks if the attribute exists).
zero000koolAuthor Commented:
That is the problem there is no LogonHours attribute when I do a connector.
Where is it?
Vasil Michev (MVP)Commented:
On the AD Connector, go to properties -> Select attributes. Make sure the "show all" checkbox is ticked and find the logonHours attribute. If the checkbox in front of it is not ticked, check it and save the changes.
Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

zero000koolAuthor Commented:
I found the logon hours, what would the value have to be so users who's logon hours are set as logon disabled under their name?

thanks
zero000koolAuthor Commented:
We do not do disabled accounts, we set the LogonHours and then Logon Disabled

in AD these accounts are NOT disabled.
Vasil Michev (MVP)Commented:
If it were me, I would just check whether the attribute exists (should not be populated by default), and act accordingly. But I dont know your current setup, so this might not be appropriate method.

The values you can check by looking at the Attributes Editor tab for one such user.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Office 365

From novice to tech pro — start learning today.