Forum Discussion

pischta's avatar
pischta
Copper Contributor
Apr 09, 2024

soft match with proxyAddresses

Hi,

 

I would like to connect on-premise AD with Entra ID. Users exist in both. Some users' UPN are the same in the on-premise AD and in Entra, but some have different UPNs, and I want to connect them with proxyAddresses. I created test users. I filled proxyAddresses for them in the on-premise AD and in Entra ID like SMTP:email address removed for privacy reasons, but when I run test, I  the following error:

"No action required. User '....' is not a newly discovered entry to be provisioned in the target application, nor one with an update that should flow to a target entry with which it was previously matched."

Skipreason: JoinNotFound.

 

  • SMTP matching only works if the ImmutableID of the user object is null, so check for that.
  • pischta's avatar
    pischta
    Copper Contributor

    When I create an ou based filter, so not every user will be syncronized, what will happen with the cloud-managed users, who don't have matching on-premise pair?

    • LainRobertson's avatar
      LainRobertson
      Silver Contributor

      pischta 

       

      Azure AD-native accounts will remain unaffected.

       

      Accounts that originated from on-premise or were subsequently joined (becoming on-premise mastered) are soft-deleted once they fall out of AAD Connect's scope of management.

       

      Cheers,

      Lain

      • pischta's avatar
        pischta
        Copper Contributor
        Thank you. Just to clarify: We have several Entra users, who were on-premise managed, but now they are independent (we had an old on-premise AD, connected to the Azure AD, and we removed all our users from it). Are they AD-native accounts now? I hope, but I would like to be 100% sure about it.

Resources