Moving MIM Group Functionality to Azure AD for On-Premises Group Attestation

Now that Azure AD Group Writeback is in public preview, there is one less reason to keep the MIM Portal around.

Azure AD Group Writeback is a feature OCG and our Microsoft Identity Manager (MIM) customers have been looking forward to implementing – and now it’s in public preview! Azure AD groups can now sync to on-premises Active Directory. Even better, if you are running an Azure AD Premium license (like most of our customers), you’ll be licensed to use it.

Adding group writeback to Azure AD Connect gets organizations a lot closer to eliminating the need for MIM, specifically the MIM Portal. Moving group management from MIM to the cloud will reduce processing time, reduce your on-premises footprint, and move your organization closer to a zero trust security architecture.


Implementing group writeback allows Azure AD and on-premises AD security groups to be managed in one location. Additionally, using Azure Identity Governance can improve security by providing attestation of on-premises AD security groups.

Presented by OCG Architect Nathan Mertz, this webinar covers how to move your MIM group functionality to Azure AD, while at the same time improving support for organizational compliance and reporting. Nathan covers:

  • Group management
  • Group approvals/workflows
  • Dynamic/criteria groups
  • Group entitlement management
  • Attestation (including for AD groups on-premises) and access requests
