Byrdie68
Copper Contributor
Nov 28, 2019

Advice for syncing from local AD

Hi, I've a customer where we're implementing Dynamics 365; this is their first venture into the cloud. They would like to use SSO for Dynamics 365, syncing their AD usernames and passwords to az...
  • oliwer_sundgren
    Nov 28, 2019

    Hello there Byrdie68!

    If the users have not started using Dynamics yet and the cloud accounts are empty, then I suggest the following approach:

     

    1. Add your custom domain (customer.com) to Office 365
    2. Delete the cloud users
    3. Download Azure AD Connect to an on-prem server
    4. Make sure all user accounts in the local AD have @domain.com as their UPN Prefix (.local accounts cannot sync)
    5. Configure Azure AD Connect by following the wizard

     

    Now that Azure AD Connect is installed and syncing your users to the cloud, you can go ahead and give them the Dynamics licenses.

     

    In order for SSO to work in the local network, I recommend deploying PTA (pass-through authentication) and Seamless SSO in Azure AD Connect.

     

    If your users in the cloud have already started using Dynamics and you don't want to delete their accounts, then I suggest this alternative approach:

    1. Add your custom domain (customer.com) to Office 365
    2. Edit so all users have the @customer.com domain instead of the onmicrosoft.com address
    3. Download Azure AD Connect to an on-prem server
    4. Make sure all user accounts in the local AD have @domain.com as their UPN Prefix (.local accounts cannot sync)
    5. Configure Azure AD Connect by following the wizard

    This will hopefully make the user accounts in the cloud do a so-called "SMTP soft match" with your on-prem accounts.

     

    Let me know if you have any questions or if anything is unclear in my answer!

    Kind Regards
    Oliwer Sjöberg
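
A pre-flight check to run before step 5 of either approach, as an added example that is not part of the original reply: it flags on-prem accounts whose UPN domain is not verified in the tenant and shows which cloud account each on-prem account would soft-match by primary SMTP address. The sample users, the property names and `Test-SyncReadiness` are constructed for illustration, and the check assumes the on-prem `mail` attribute holds the primary SMTP address.

```powershell
# Constructed sample data. In a real run, export the on-prem side with e.g.
#   Get-ADUser -Filter * -Properties mail |
#       Select-Object SamAccountName, UserPrincipalName, mail
# and export the cloud users (UPN and primary SMTP address) from the tenant.
$onPrem = @(
    [pscustomobject]@{ Sam = 'alice'; UPN = 'alice@customer.com'; Mail = 'alice@customer.com' }
    [pscustomobject]@{ Sam = 'bob';   UPN = 'bob@corp.local';     Mail = 'bob@customer.com' }
    [pscustomobject]@{ Sam = 'carol'; UPN = 'carol@customer.com'; Mail = $null }
)
$cloud = @(
    [pscustomobject]@{ UPN = 'alice@customer.com';            PrimarySmtp = 'alice@customer.com' }
    [pscustomobject]@{ UPN = 'bob@customer.com';              PrimarySmtp = 'bob@customer.com' }
    [pscustomobject]@{ UPN = 'dave@customer.onmicrosoft.com'; PrimarySmtp = 'dave@customer.onmicrosoft.com' }
)
$verifiedDomains = @('customer.com')   # custom domains added to the tenant in step 1

function Test-SyncReadiness {
    param($OnPremUsers, $CloudUsers, [string[]]$VerifiedDomains)

    # Index cloud users by primary SMTP address (hashtable keys are case-insensitive).
    $bySmtp = @{}
    foreach ($c in $CloudUsers) { $bySmtp[$c.PrimarySmtp] = $c }

    foreach ($u in $OnPremUsers) {
        $domain = ($u.UPN -split '@')[-1]
        # Guard against a null key: an account without a mail value cannot SMTP soft-match.
        $match = if ($u.Mail) { $bySmtp[$u.Mail] } else { $null }
        [pscustomobject]@{
            Sam               = $u.Sam
            UpnDomain         = $domain
            UpnDomainVerified = $VerifiedDomains -contains $domain
            SoftMatchTarget   = if ($match) { $match.UPN } else { $null }
        }
    }
}

$report = Test-SyncReadiness -OnPremUsers $onPrem -CloudUsers $cloud -VerifiedDomains $verifiedDomains
$report | Format-Table -AutoSize

# Accounts to fix before the first sync: UPN domain not verified in the tenant.
$report | Where-Object { -not $_.UpnDomainVerified } | Select-Object Sam, UpnDomain
```

With the sample data, `bob` is flagged for the `corp.local` UPN domain, and `carol` has no soft-match target because the account has no mail address. Review the `SoftMatchTarget` column before the first sync, since a soft match ties the existing cloud account to the on-prem account from then on.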

     
