Getting a list of Azure AD users who belong to a particular on-premises organizational unit is easier than you think. In this article, we will show you how to do just that.
Although Azure AD has a flat structure and we cannot organize objects into organizational units the way we are used to, we can still pull a list of Azure AD users who belong to a particular OU. For synced users, the on-premises distinguished name, which includes the OU path, is stored in the extension property named onPremisesDistinguishedName on the user objects returned by Get-AzureADUser.
To filter the users from a uniquely named OU out of the entire directory, wrap the OU name in wildcards and run a command similar to the one below.
Get-AzureADUser -All $true | Where-Object {$_.ExtensionProperty.onPremisesDistinguishedName -like "*OU=Cloudiffic-Users*"}
You can give the full DN of the OU if you have multiple OUs with the same name in your on-premises AD. Keep a leading wildcard, because each user's DN starts with the user's own CN before the OU path.
Get-AzureADUser -All $true | Where-Object {$_.ExtensionProperty.onPremisesDistinguishedName -like "*,OU=Cloudiffic-Users,OU=Cloudiffic,DC=Cloudiffic,DC=COM"}
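The substring wildcard from the first command also matches any OU whose name merely starts with the same text, which matters when the resulting list feeds an access review or a group assignment. The following is an added example, not code from the original article: Test-DnInOu is a hypothetical helper and the sample DNs are constructed, so the comparison runs offline and shows the wildcard match next to a suffix-anchored match.

```powershell
# Added example: Test-DnInOu and the sample DNs below are constructed for illustration.
function Test-DnInOu {
    param(
        [string]$DistinguishedName,
        [Parameter(Mandatory)][string]$OuDn,
        [switch]$DirectChildOnly
    )
    # Cloud-only accounts have no on-premises DN, so they never match.
    if ([string]::IsNullOrWhiteSpace($DistinguishedName)) { return $false }

    # Anchor on ",<OU DN>" at the end of the string, ignoring case.
    $suffix = ",$OuDn"
    if (-not $DistinguishedName.EndsWith($suffix, [StringComparison]::OrdinalIgnoreCase)) {
        return $false
    }
    if (-not $DirectChildOnly) { return $true }

    # Direct child: the part before the suffix is a single RDN, so it holds
    # no comma other than an escaped one (for example "CN=Doe\, John").
    $rdn = $DistinguishedName.Substring(0, $DistinguishedName.Length - $suffix.Length)
    return $rdn -notmatch '(?<!\\),'
}

$ou = 'OU=Cloudiffic-Users,OU=Cloudiffic,DC=Cloudiffic,DC=COM'
$sampleDns = @(
    'CN=Alice,OU=Cloudiffic-Users,OU=Cloudiffic,DC=Cloudiffic,DC=COM'
    'CN=Doe\, John,OU=Cloudiffic-Users,OU=Cloudiffic,DC=Cloudiffic,DC=COM'
    'CN=Bob,OU=Sales,OU=Cloudiffic-Users,OU=Cloudiffic,DC=Cloudiffic,DC=COM'
    'CN=Carol,OU=Cloudiffic-Users-Disabled,OU=Cloudiffic,DC=Cloudiffic,DC=COM'
    ''
)

$sampleDns | ForEach-Object {
    [pscustomobject]@{
        DN          = $_
        Wildcard    = $_ -like '*OU=Cloudiffic-Users*'
        InSubtree   = Test-DnInOu -DistinguishedName $_ -OuDn $ou
        DirectChild = Test-DnInOu -DistinguishedName $_ -OuDn $ou -DirectChildOnly
    }
} | Format-Table -AutoSize

# Against the tenant, using the property path from the article:
# Get-AzureADUser -All $true | Where-Object {
#     Test-DnInOu -DistinguishedName $_.ExtensionProperty.onPremisesDistinguishedName -OuDn $ou
# }
```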