Forum Discussion
Jo jacksons
Mar 03, 2018 Copper Contributor
If I already have Azure AD, then I sign up for O365, can I select my existing Azure AD?
Hello
I know O365 used Azure AD as its identity store (possibly the first product to do so)
However if I already have an Azure AD tenant (using for various things like IaaS, and AD Connect from on-prem AD)
Then I decide to sign up for O365 I do not want to end up with two cloud directories (e.g. Azure AD from my Azure tenant/subscription and another from my O365 tenant/subscription)
Otherwise I assume I would have to sync the on-prem AD users to two directories instead of one.
Any advice on this most welcome
Thanks
JoJacksons
- RuudGijsbers Iron Contributor
Hi Jo,
You can add an O365 subscription to your existing Azure subscription as described in the following link.
This way you only have one Azure AD directory which is synced with your local AD.
Best regards,
Ruud Gijsbers
- Jo jacksons Copper Contributor
Thanks very much Ian and Ruud, much appreciated.
JoJacksons
- Ian Moran Steel Contributor
- Jo jacksons Copper Contributor
Thanks for the reply Ian
This goes some way towards answering my question
Looks like there is no way around having two instances of Azure AD, one for O365 and one for Azure, which is a real shame. It looks like you have to invite yourself to be a global admin from the Azure AD to your O365 AD so you can manage both.
My bigger issue is this
If I have an on-premise AD (like most people) and sync my AD users to Azure AD using AD Connect (again a common scenario) so I can then give these synced users access to cloud apps under MyApps.Microsoft.com e.g. Box or other app.
Then later I want to add O365 but 'for the same set of users', e.g. the users that are synced from on-premise to Azure AD, but I end up with a separate cloud directory (e.g. the one backing O365). It is logical this separate O365 directory will have no knowledge of the users already synced to Azure AD (e.g. the ones with Box and other apps under their MyApps portal) as they will be in a separate tenant, meaning somehow I will have to sync the users again using AD Connect but this time to O365 instead of Azure AD, so I would have two syncs going side-by-side from on-premise AD to Azure AD and O365 AD.
Unless I am missing something here, that would logically appear to be how it is set up.
Any further advice most welcome
JoJacksons
- Ian Moran Steel Contributor
I don't think so. When I log on to my instance of Azure AD, which was merged some time ago with my Office 365 AAD instance, I can see and manage my users that were added in Office 365. These Office 365 users were added as cloud accounts as I no longer run a local AD, but I can't see that this would matter.