Forum Discussion
tantonyrei
Mar 06, 2023, Copper Contributor
Azure AD connect with existing O365 user accounts
My overall plan is to migrate our Exchange 2013 server to Exchange Online. If I'm right, it will be easier if I install Azure AD Connect on our AD so it will sync with O365 and users can sign in wit...
FcoManigrasso
Mar 07, 2023, Iron Contributor
Hi tantonyrei,
Are your current Office365 users configured with your custom domain, ( same as the AD one )?
(.local domain is an internal AD one and it's not a valid domain to sync ).
If you have your users configured like, for example, contoso.com in both environments, soft matching should be possible during the sync: How to use SMTP matching to match on-premises user accounts to Office 365 user accounts for directory synchronization - Microsoft Support
The accounts will not be duplicated. If AD Connect identifies an existing cloud account with the same UPN/SMTP but is not able to do the soft match (probably due to an immutableId error), you'll see the sync error for that/those user/s and you'll be able to fix it. (In that case a hard match will be required.)
This article will help you understand the attribute population: How the proxyAddresses attribute is populated in Azure AD - Active Directory | Microsoft Learn
And I found this one that's really interesting in your scenario: Sync existing office 365 tenant with local active directory | 2 Azure
Hope this helps. Good luck 🙂
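Checking whether a soft match will succeed for one user and, if not, computing the immutableId that the hard match mentioned above would need, as an added example that is not part of this thread. It assumes the ActiveDirectory and Microsoft.Graph.Users modules, an existing Connect-MgGraph session with User.ReadWrite.All, and placeholder account names.

```powershell
# Added example (not from the thread). Assumes the ActiveDirectory and
# Microsoft.Graph.Users modules are installed and Connect-MgGraph has been run
# with User.ReadWrite.All. The sAMAccountName and UPN below are placeholders.
param(
    [string]$SamAccountName = 'jdoe',              # on-prem user (placeholder)
    [string]$CloudUpn       = 'jdoe@contoso.com',  # existing cloud user (placeholder)
    [switch]$ApplyHardMatch                        # report only unless this is set
)

$onPrem = Get-ADUser -Identity $SamAccountName -Properties proxyAddresses
$cloud  = Get-MgUser -UserId $CloudUpn -Property Id, UserPrincipalName, ProxyAddresses, OnPremisesImmutableId, OnPremisesSyncEnabled

# 1. Soft match needs a routable UPN suffix on the AD side; a .local suffix never matches.
$onPremSuffix = ($onPrem.UserPrincipalName -split '@')[-1]
$routable     = $onPremSuffix -notlike '*.local'

# 2. Soft match compares the UPN or the primary SMTP address (the 'SMTP:' entry, uppercase prefix).
$primarySmtp = { param($addrs) @($addrs) | Where-Object { $_ -clike 'SMTP:*' } |
                 ForEach-Object { $_.Substring(5).ToLower() } }
$onPremSmtp = & $primarySmtp $onPrem.proxyAddresses
$cloudSmtp  = & $primarySmtp $cloud.ProxyAddresses
$upnMatch   = $onPrem.UserPrincipalName -eq $cloud.UserPrincipalName   # -eq is case-insensitive
$smtpMatch  = @($onPremSmtp | Where-Object { $cloudSmtp -contains $_ }).Count -gt 0

# 3. Hard match: the cloud onPremisesImmutableId must equal the base64 of the AD objectGUID.
$expectedImmutableId = [Convert]::ToBase64String($onPrem.ObjectGUID.ToByteArray())
$immutableIdOk = [string]::IsNullOrEmpty($cloud.OnPremisesImmutableId) -or
                 $cloud.OnPremisesImmutableId -eq $expectedImmutableId

[pscustomobject]@{
    OnPremUpn           = $onPrem.UserPrincipalName
    CloudUpn            = $cloud.UserPrincipalName
    RoutableUpnSuffix   = $routable
    UpnMatch            = $upnMatch
    PrimarySmtpMatch    = $smtpMatch
    ExpectedImmutableId = $expectedImmutableId
    CurrentImmutableId  = $cloud.OnPremisesImmutableId
    SoftMatchPossible   = $routable -and ($upnMatch -or $smtpMatch) -and $immutableIdOk
} | Format-List

# Hard match is only possible on a cloud-only account; once the object is synced the write is rejected.
if ($ApplyHardMatch) {
    if ($cloud.OnPremisesSyncEnabled) { throw "$CloudUpn is already synced; fix the on-prem object instead." }
    Update-MgUser -UserId $cloud.Id -OnPremisesImmutableId $expectedImmutableId
    "Set onPremisesImmutableId on $CloudUpn; run Start-ADSyncSyncCycle -PolicyType Delta on the AD Connect server."
}
```

Run it without -ApplyHardMatch first: a false SoftMatchPossible with a mismatching CurrentImmutableId is exactly the sync error described above.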
- tantonyrei
Mar 24, 2023, Copper Contributor
Sorry for the late reply. My local AD is a .local, so I added company.com UPN to my AD. My O365 is company.onmicrosoft.com, so I added company.com to the domain, but as soon as I added it, the user's Outlook stopped working and it kept asking for their password, even though I had company.onmicrosoft.com as the default.
But when I removed the company.com domain from the O365 admin center, the users' emails returned to normal and were working. I'm not sure what caused it.
When I added company.com to O365 originally, it asked me to add some TXT records to my DNS and I did. It kept saying that my company.com domain was already associated with another O365 account, which my colleague created for testing, so I removed company.com from the O365 account my colleague created so I could add it to the 'live' O365 account.
- FcoManigrasso
Mar 24, 2023, Iron Contributor
Hi tantonyrei,
The TXT record is only for the domain verification in O365, but that doesn't mean that the domain will work with mail flow.
You'll need to modify the MX, CNAME, etc. records at the NS.
Once you add the domain (after the TXT record), you'll see a screen with all the required records for email and other services.
- tantonyrei
Mar 24, 2023, Copper Contributor
Hi FcoManigrasso, thanks for the reply.
Correct, I understand the TXT record is only for the initial domain verification, and once the domain is verified we can remove the TXT record from DNS.
Yes, I saw the screen after adding the domain to modify the MX, CNAME, etc., but I wasn't sure what to select there, so I selected 'skip this option'. Could that be what caused the whole issue? Sorry, I'm new to O365, so I don't understand what that has to do with users' Outlook prompting for passwords. Our Exchange server is on-premises (2013).