During setup, Azure AD Connect automatically creates Azure AD Connect Sync Security Groups. A Microsoft 365 Enterprise Administrator can use these groups to delegate control in Azure AD Connect to other users. You can also use these groups to assign a user temporary permission to run a manual synchronization or to use Azure AD Connect to troubleshoot directory synchronization issues.
| Group Name | Description |
| --- | --- |
| ADSyncAdmins | Administrators Group: Members of this group have Full Access to do anything in the Azure AD Connect Sync Service Manager. |
| ADSyncOperators | Operators Group: Members of this group have access to the operations of the Azure AD Connect Sync Service Manager, including: Members of this group must be a member of the ADSyncBrowse Group. |
| ADSyncBrowse | Browse Group: Members of this group have permission to gather information about a user’s lineage when resetting passwords. |
| ADSyncPasswordSet | Password Reset Group: Members of this group have permission to perform all operations by using the password management interface. Members of this group must be a member of the ADSyncBrowse Group. |
The groups are created as local groups on domain-joined servers, or as Active Directory domain groups when you install Azure AD Connect on a domain controller.
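Because these groups delegate control of the sync service, their membership is worth reviewing periodically. The following is an added example, not part of the original article or of Azure AD Connect itself: a PowerShell audit that lists the members of each group and flags members of ADSyncOperators or ADSyncPasswordSet that are not also direct members of ADSyncBrowse. It assumes the groups exist as local groups on the sync server (not the domain controller case) and that the script runs there in an elevated session.

```powershell
# Added example: audit the Azure AD Connect sync groups on the sync server.
# Assumption: the groups are LOCAL groups (Azure AD Connect is not on a domain controller).
$syncGroups  = 'ADSyncAdmins', 'ADSyncOperators', 'ADSyncBrowse', 'ADSyncPasswordSet'
# Groups whose members must also be members of ADSyncBrowse, per the table above.
$needsBrowse = 'ADSyncOperators', 'ADSyncPasswordSet'

function Get-SyncGroupMembership {
    param([string[]]$GroupNames)
    $result = @{}
    foreach ($name in $GroupNames) {
        try {
            # Direct members only; nested domain groups are not expanded.
            $result[$name] = @(Get-LocalGroupMember -Group $name -ErrorAction Stop)
        } catch {
            # A missing group or an unresolvable (orphaned) SID ends up here.
            Write-Warning "Could not read group '$name': $($_.Exception.Message)"
            $result[$name] = @()
        }
    }
    return $result
}

$membership = Get-SyncGroupMembership -GroupNames $syncGroups
$browseSids = @($membership['ADSyncBrowse'] | ForEach-Object { $_.SID.Value })

# One row per (group, member), with the ADSyncBrowse prerequisite evaluated by SID.
$report = foreach ($group in $syncGroups) {
    foreach ($member in $membership[$group]) {
        [pscustomobject]@{
            Group           = $group
            Member          = $member.Name
            ObjectClass     = $member.ObjectClass
            PrincipalSource = $member.PrincipalSource
            MissingBrowse   = ($group -in $needsBrowse) -and
                              ($member.SID.Value -notin $browseSids)
        }
    }
}

$report | Sort-Object Group, Member | Format-Table -AutoSize

# Call out members that lack the required ADSyncBrowse membership.
$report | Where-Object MissingBrowse | ForEach-Object {
    Write-Warning "$($_.Member) is in $($_.Group) but not directly in ADSyncBrowse"
}
```

A member flagged here may still hold ADSyncBrowse membership through a nested domain group, so confirm before changing anything.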
What and where is the ‘Password Management Interface’ mentioned in the ADSyncPasswordSet description of access column?
As mentioned in the article, you have those groups on the server where you installed the ADConnect; take into account that they are local groups.