Azure Active Directory allows multiple groups to have the same name but different members. Although you cannot create two groups with the same name in the Azure Portal interface, you can add a group with the same name as an existing group in other ways, for example by using the Azure AD Connect app, a PowerShell script, or by creating teams with the same name in Microsoft Teams. When you create a team in Microsoft Teams, the team name is used as the group name in Azure. Because Teams allows teams with the same name, this results in groups with the same name in Azure, which in turn causes an issue in K2 when group membership is synchronized.
For example, your organization might have a group called OurTeam, created through the Azure Portal interface, with users from your HR department as members. The Sales department creates a team in Teams called OurTeam, which creates a group in Azure with the name OurTeam. Your IT department creates a team called OurTeam using a PowerShell script. Your Azure tenant now has three groups all named OurTeam, each with different members.
The K2 Sync engine caches the groups correctly, but when the ETL process runs, the members of these groups are combined into a single group in the Identity schema because the DisplayName property of the three AAD groups is the same. In the example above, this means that the HR, Sales and IT members end up together in a single group called OurTeam in K2.
It is best practice to have unique group names in your organization.
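The following added example (not K2 or Microsoft code) models the merge described above so you can audit a group export for name collisions and see which users each group would pick up from the others. The record layout, object IDs and user names are constructed sample data, and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample export: one record per Azure AD group object.
GROUPS = [
    {"id": "00000000-0000-0000-0000-000000000001", "displayName": "OurTeam",
     "members": ["hr.ana", "hr.ben"]},          # created in the Azure Portal
    {"id": "00000000-0000-0000-0000-000000000002", "displayName": "OurTeam",
     "members": ["sales.cy", "sales.dee"]},     # created by a Teams team
    {"id": "00000000-0000-0000-0000-000000000003", "displayName": "OurTeam",
     "members": ["it.eli"]},                    # created by a PowerShell script
    {"id": "00000000-0000-0000-0000-000000000004", "displayName": "Finance",
     "members": ["fin.flo"]},
]

def merge_by_display_name(groups):
    """Model of the described merge: one resulting group per DisplayName."""
    merged = defaultdict(set)
    for g in groups:
        merged[g["displayName"]].update(g["members"])
    return dict(merged)

def find_collisions(groups):
    """Return {displayName: [records]} for names shared by more than one object ID."""
    by_name = defaultdict(list)
    for g in groups:
        by_name[g["displayName"]].append(g)
    return {name: recs for name, recs in by_name.items()
            if len({r["id"] for r in recs}) > 1}

def unintended_members(groups):
    """Per colliding object ID, the users the merged group adds beyond its own members."""
    merged = merge_by_display_name(groups)
    report = {}
    for name, recs in find_collisions(groups).items():
        for r in recs:
            report[r["id"]] = sorted(merged[name] - set(r["members"]))
    return report

if __name__ == "__main__":
    for name, recs in find_collisions(GROUPS).items():
        print(f"Duplicate name '{name}' used by {len(recs)} group objects")
    for object_id, extra in unintended_members(GROUPS).items():
        print(f"{object_id}: merged group also contains {extra}")
```

Any group that appears in the `unintended_members` report is a candidate for renaming so that its name is unique in the tenant.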
If you experience the issue in your organization, follow these steps to correct group membership.