Forum Discussion
Understanding the best pathway to establish Hybrid Azure AD
Hello, I have a client that has this setup: On premise AD named abc.local Microsoft hosted O365 Exchange belonging to a domain called abc.com. The on premise domain and the hosted O365 email doma...
You may consider on below apporach:
- Extend On-Premises AD to Azure AD:
- Use Azure AD Connect: This tool will synchronize your on-premises AD (abc.local) with Azure AD. It allows you to maintain your existing on-premises domain and user profiles while extending your directory to the cloud.
- Password Hash Synchronization (PHS) or Pass-Through Authentication (PTA): These options enable users to sign in to Azure AD and Office 365 using their on-premises credentials, providing a seamless Single Sign-On (SSO) experience.
- Hybrid Exchange Deployment:
- Set Up Hybrid Exchange: Configure a hybrid Exchange environment to manage mailboxes both on-premises and in Office 365. This allows you to migrate mailboxes gradually without disrupting user access.
- Migrate Mailboxes: Once the hybrid environment is established, you can start migrating mailboxes from your on-premises Exchange to Office 365. This ensures a smooth transition without needing to re-establish user profiles.
- Maintain User Profiles:
- Profile Management: Since your Windows 11 workstations are already joined to the abc.local domain, using Azure AD Connect ensures that user profiles remain intact. Users will continue to log in with their existing credentials, and their profiles will not need to be re-established.
- Use Existing Office 365 Domain (abc.com):
- Domain Integration: After synchronizing your on-premises AD with Azure AD, you can configure Azure AD to recognize both abc.local and abc.com domains. This allows you to manage users and resources across both environments seamlessly.