One of our customers is aspiring to fully cloud-based identities. The setup is as follows.
The company is a conglomeration of many small companies. The on-premise AD has about 50000 user objects. They have Azure and Office 365 subscriptions. An SSO solution is implemented (ADFS and AAD Connect).
A small group of companies (3000 users) with similar business functions want to branch away from the existing setup and move to a new O365 tenant to be in control of their own infrastructure.
They aspire to fully cloud identities, and they want to move all their on-premise applications to the cloud on their journey to a fully cloud org.
They do not mind typing in the credentials while they are on cloud and when accessing their on-premise applications in the interim.
Is this possible or recommended? What are the high-level steps to be performed and the risks to be factored in?
For a start, you will need to look at all the current workloads being used in the tenancy and how you will migrate them. For example, ExO mailboxes will need to be migrated using something like BitTitan.
Once you sort out this strategy, copying the users to the new tenancy will be your next challenge.
Finally, moving the domain for this new company to the new tenancy and switching over your users would be the last step.