Diederik Janson
Sep 16, 2020 (Copper Contributor)
Is it possible to sync a newly created Azure AD user back to on-premises?
Hi,
Is it possible to sync a newly created Azure AD user back to on-premises AD? We would like to shift our user management from on-premises to the cloud but we still have (legacy) applications that need an AD user.
I searched Microsoft Docs but could not find a clear answer.
Regards,
DJITS.
- Yes, see soft matching here: https://dirteam.com/sander/2020/03/27/explained-user-hard-matching-and-soft-matching-in-azure-ad-connect/
Basically, the login or UPN and primary e-mail address match and it'll link them together. Just remember when you do this, their login will break, so it's important to make sure their passwords match as well when you do it, but we used this method to take our Azure accounts and put them in local AD.
Assuming the local account doesn't exist and you are creating a new one? If you are using an existing one, if it has Exchange attributes or anything else crazy about it, you might have to take more things into consideration. Sync is one-way only, from AD to Azure AD. You can easily export/import users and other object types and their properties via PowerShell.
- NikolinoDE (Gold Contributor)
Maybe this info will help you, if not please just ignore it.
Azure AD Connect user sign-in options
https://docs.microsoft.com/en-gb/azure/active-directory/hybrid/plan-connect-user-signin
I would be happy to know if I could help.
Nikolino
I know I don't know anything (Socrates)
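
The soft-match approach from the first reply, sketched as an added PowerShell example that is not part of the original thread: it creates on-premises accounts whose UPN and primary SMTP address equal those of existing cloud users, so the next Azure AD Connect sync can link them. The CSV path, its column names (UserPrincipalName, Mail, DisplayName) and the target OU are assumptions; the ActiveDirectory RSAT module is required.

```powershell
# Added example, not code from the thread. Paths, OU and CSV columns are placeholders.
Import-Module ActiveDirectory

$csvPath  = 'C:\Temp\cloud-users.csv'            # assumed export of the cloud users
$targetOu = 'OU=CloudUsers,DC=example,DC=com'   # assumed target OU

foreach ($u in Import-Csv -Path $csvPath) {
    $upn  = "$($u.UserPrincipalName)".Trim()
    $smtp = "$($u.Mail)".Trim()
    if (-not $upn -or -not $smtp) {
        Write-Warning "Skipping '$($u.DisplayName)': UPN or mail is empty, nothing to match on."
        continue
    }

    # If an on-premises object already claims this UPN or address, sync would link
    # the cloud user to that object instead, so report it rather than create a duplicate.
    # The filter is single-quoted so the AD module resolves the variables itself
    # (no quoting problems with names such as O'Brien). The comparison is
    # case-insensitive, so secondary "smtp:" entries are reported as well.
    $proxy    = "SMTP:$smtp"
    $existing = Get-ADUser -Filter 'UserPrincipalName -eq $upn -or proxyAddresses -eq $proxy'
    if ($existing) {
        Write-Warning "$upn already matches: $($existing.DistinguishedName -join '; ')"
        continue
    }

    # sAMAccountName is limited to 20 characters for user objects.
    $sam = ($upn -split '@')[0]
    if ($sam.Length -gt 20) { $sam = $sam.Substring(0, 20) }

    $params = @{
        Name              = $u.DisplayName
        DisplayName       = $u.DisplayName
        SamAccountName    = $sam
        UserPrincipalName = $upn                              # must equal the cloud UPN
        EmailAddress      = $smtp
        OtherAttributes   = @{ proxyAddresses = $proxy }      # upper-case SMTP: marks the primary address
        Path              = $targetOu
        # The reply above advises making the passwords match; prompt instead of hard-coding.
        AccountPassword   = (Read-Host -AsSecureString "Password for $upn")
        Enabled           = $true
    }
    # -WhatIf only reports what would be created; remove it after reviewing the output.
    New-ADUser @params -WhatIf
}
```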