Active Directory Administrative Unit

Docs > DDSQL Reference > Data Directory > Active Directory Administrative Unit

This table represents the Active Directory Administrative Unit resource from Microsoft Azure.

azure.ad_administrative_unit

Fields

ID	Type	Data Type	Description
_key	core	string
deleted_date_time	core	string	Date and time when this object was deleted. Always null when the object hasn't been deleted.
description	core	string	An optional description for the administrative unit. Supports $filter (eq, ne, in, startsWith), $search.
extensions	core	json	The collection of open extensions defined for this administrative unit. Nullable.
id	core	string	The unique identifier for an entity. Read-only.
is_member_management_restricted	core	bool	true if members of this administrative unit should be treated as sensitive, which requires specific permissions to manage. If not set, the default value is null and the default behavior is false. Use this property to define administrative units with roles that don't inherit from tenant-level administrators, and where the management of individual member objects is limited to administrators scoped to a restricted management administrative unit. This property is immutable and can't be changed later. For more information on how to work with restricted management administrative units, see Restricted management administrative units in Microsoft Entra ID.
members	core	json	Users and groups that are members of this administrative unit. Supports $expand.
membership_rule	core	string	The dynamic membership rule for the administrative unit. For more information about the rules you can use for dynamic administrative units and dynamic groups, see Manage rules for dynamic membership groups in Microsoft Entra ID.
membership_rule_processing_state	core	string	Controls whether the dynamic membership rule is actively processed. Set to On to activate the dynamic membership rule, or Paused to stop updating membership dynamically.
membership_type	core	string	Indicates the membership type for the administrative unit. The possible values are: dynamic, assigned. If not set, the default value is null and the default behavior is assigned.
name	core	string
resource_group	core	string
scoped_role_members	core	json	Scoped-role members of this administrative unit.
subscription_id	core	string
subscription_name	core	string
tags	core	hstore
visibility	core	string	Controls whether the administrative unit and its members are hidden or public. Can be set to HiddenMembership. If not set, the default value is null and the default behavior is public. When set to HiddenMembership, only members of the administrative unit can list other members of the administrative unit.