Integrating On-Premise AD with Cloud AD tenants


Hello folks,

Does anyone here have knowledge of Hybrid AD setup using On-Prem AD in combination with Cloud AD providers?


Need help understanding a scenario, if it is possible or not. Thanks! : )

- Situation: Already running on-prem AD integrated with Azure AD.
- Problem: Want to integrate another cloud AD to the setup above. In this new cloud AD, a sub setup of groups/roles/policies will be defined, but all user identifiers, objects etc. still live in on-prem AD.
- Possible Solutions?

 

Any inputs appreciated : )
Thanks!

4 Replies
You can never have the same objects syncing with more than one AAD!
Also you will always need one AD Connect per AAD!

I’ll suggest taking a look at the supported scenarios listed here:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies

In your case the following scenario from the link is of interest:

“Each object only once in an Azure AD tenant”

Adam
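
The constraint in the reply above (each object in only one Azure AD tenant, one sync server per tenant) means that when several tenants sync from the same forest, the sets of objects selected for each must not overlap. The following is an added example, not part of the original thread, that checks a constructed OU-to-tenant mapping for such overlaps; the tenant names, DNs and function names are hypothetical, and it assumes that selecting an OU includes all of its child OUs.

```python
import re
from itertools import combinations

# Constructed sample: OUs selected for sync, per tenant (all names hypothetical).
SCOPES = {
    "tenant-a.example": ["OU=Sales,DC=corp,DC=example"],
    "tenant-b.example": [
        "OU=Engineering,DC=corp,DC=example",
        "OU=Contractors,OU=Sales,DC=corp,DC=example",  # sits inside tenant A's scope
    ],
}

def parse_dn(dn):
    """Split a DN into normalized RDNs ordered root-first (DC=... before OU=...)."""
    rdns = re.split(r"(?<!\\),", dn)  # do not split on backslash-escaped commas
    return tuple(r.strip().lower() for r in reversed(rdns))

def is_within(dn, scope_dn):
    """True if dn is scope_dn itself or lies anywhere beneath it."""
    obj, scope = parse_dn(dn), parse_dn(scope_dn)
    return obj[:len(scope)] == scope

def find_overlaps(scopes):
    """Return (outer_tenant, outer_ou, inner_tenant, inner_ou) for cross-tenant overlaps."""
    flat = [(tenant, ou) for tenant, ous in scopes.items() for ou in ous]
    hits = []
    for (t1, ou1), (t2, ou2) in combinations(flat, 2):
        if t1 == t2:
            continue  # overlap inside one tenant's own filter is harmless
        if is_within(ou2, ou1):
            hits.append((t1, ou1, t2, ou2))
        elif is_within(ou1, ou2):
            hits.append((t2, ou2, t1, ou1))
    return hits

def tenants_for_object(dn, scopes):
    """List every tenant whose sync scope would pick up this object."""
    return sorted(t for t, ous in scopes.items()
                  if any(is_within(dn, ou) for ou in ous))

if __name__ == "__main__":
    for outer_t, outer_ou, inner_t, inner_ou in find_overlaps(SCOPES):
        print(f"OVERLAP: {inner_ou} ({inner_t}) is inside {outer_ou} ({outer_t})")
```

Any object reported with more than one tenant by `tenants_for_object` would be in scope for two sync servers, which is the unsupported case the reply describes.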
Thank you for your inputs :)

Do you know if there are any alternate solutions to the situation?

We have several organizational units and want to control access to applications for users who are part of our unit only, and other units control their subset of users etc. Also we do have some central applications as well which are common for all users.

Appreciate your help. Thanks! :)
Not that I know of! The different supported scenarios are what you get basically!
Alright..

Thanks for your help! :)

//Raywon