Forum Discussion
Azure AD Windows 10 and Azure AD Connect
AJ Kertis what UPN are you creating on the Azure AD side for your users? And does it match the upn for the user in your on prem AD?
If you are trying to syn a upn like first.last@yourdomain.com and you have not added the domain yourdomain.com to your Azure tenant, then the sync will automatically default to first.last@*.onmicrosoft.com
jasonsch69 we originally started with Office 365 but yeah the UPN used for everything Azure and Office 365 is the same as the one I'm trying to use and is set accordingly in our local AD.
first you create your tenant "name".onmicrosoft.com
second you have to add your custom domain like "yourdomain.com" to your tenant
3rd your onprem UPN needs to be username@yourdomain.com - if its not than please add it to your onprem AD and change your upn (be careful that needs to tested)
4th you install AdConnect and sync your user
5th if this is successfull than you are able to see your users in aad ->users with same upn just like in your onprem-AD
6th try to login to portal.azure.com or myapps.microsoft.com with username@yourdomain.com
7th you also be able to login to your domain-joined-devices with username@yourdomain.com
We do use ADFS for the azure portal. I'm able to login through azure with my email/password but it is federated. I still can't login with domain joined devices.
I am not realy sure if this is possible. Because your users are onprem. You configered adfs. When you try to login then you will redirected to your onprem AD. Your devices are only known to aad. Your onprem Ad do not know these devices so you can not login... so your users are in ad (when you use adfs it doesn't madder if your are sync your password hash) and your devices not. I would join the devices to your on Prem ad and sync these to azure ad. then you have hybrid-joined devices... https://docs.microsoft.com/bs-cyrl-ba/azure/active-directory/devices/hybrid-azuread-join-federated-domains
on these devices you can login with your synced users!
