Forum Discussion

Jo jacksons's avatar
Jo jacksons
Copper Contributor
Mar 03, 2018
Solved

If I already have Azure AD, then I sign up for 0365 can I select my existing Azure AD

Hello I know 0365 used Azure AD as its identity store (possible the first product to do so)   However if I already have an Azure AD tenant (using for various things like IaaS, and AD Connect fr...
office 365
  • RuudGijsbers's avatar
    RuudGijsbers
    Mar 06, 2018

    Hi Jo,

     

    You can add an O365 subscription to your existing Azure subscription as descrided in the following link.

    https://docs.microsoft.com/en-us/azure/billing/billing-use-existing-azure-account-for-office-365-subscription

    This way you only have one Azure AD directory which is synced with your local AD.

     

    Best regards,

    Ruud Gijsbers

  • Jo jacksons's avatar
    Jo jacksons
    Copper Contributor
    Mar 03, 2018

    Thanks for the reply Ian 

     

    This goes some way towards answering my question

     

    Looks like there is no way around having two instances of Azure AD one for O365 and one for Azure which is a real shame. The is looks like you have to invite yourself to be a global admin from the Azure AD to your O365 AD so you can managed both.

     

    My bigger issue is this

     

    If I have an on-premise AD (like most people) and sync my AD users to Azure AD using AD Connect (again a common scenario) so I can then give these sync users access to cloud apps under MyApps.Microsoft.com e.g. Box or other app.

     

    Then later I want to add O365 but 'for the same set of users' e.g. the users that are synced from on-premise to Azure AD but I end up with a separate could directory (e.g. the one backing O365) it is logical these separate O365 directory will have no knowledge of the users already synced to Azure AD (e.g. the once with Box and other apps under their MyApps portal) as they will be in a separate tenant, meaning somehow I will have to sync the users again using AD Connect but this time to O365 instead of Azure AD so I would have two syncs going side-by-side from on-premise AD to Azure AD and O365 AD 

     

    Unless I am missing something here, that would logically appear to be how it is setup 

     

    Any further advise most welcome

    JoJacksons

     

    • Ian Moran's avatar
      Ian Moran
      Iron Contributor
      Mar 03, 2018

      I don't think so. When I logon to my instance of Azure AD, which was merged some time ago with  my Office 365 AAD instance - I can see and manage my users that were added in Office 365. These Office 365 users were added as cloud accounts as I no longer run a local AD, but I can't see that this would matter.

      • Jo jacksons's avatar
        Jo jacksons
        Copper Contributor
        Mar 05, 2018

        Hello Ian

         

        Thanks for taking the time to reply, much appreciated 

         

        When you say in your reply "When I logon to my instance of Azure AD, which was merged some time ago with  my Office 365 AAD instance" what do you mean by 'merged' I thought there were two separate tenants and therefore two separate directories, or do you mean you can manage them from one please?

         

        Please elaborate, 

        Thanks very much

        JoJacksons

Resources