Planning for the migration of one of our web application being used by B2B customers. We have customers small to large scale enterprises. At the moment web app is deployed for each enterprise customer within there premises. Rollowing out new vesion and maintaince is just going very crazy on top of customization for some customers.
For one business use case, Web App syncs the AD Users and Groups into its own database from the customers AD. Sync is not happening for the authentication or authorization scenario.
For most of the migration things are sorted out including the identity federation, except for one scenario where there has been security concerns raised by customers. - Sync the users and groups from the AD to Web App database.
PASSWORD / hash ofr PASSWORD is not synced. Only few user identification attributes and group information is synced.
At the moment planned to have write new sync connector - similar to Azure AD Connect connect to securely transfer the data between on-premises AD to Azure hosted application database.
What would be the secure and best alternate options to fetch the users and groups information from the customer on-premise AD into database of the Web App deployed in Azure.