We have about 500 distribution groups in our on-premise Active Directory. They are synced via AD Connect.
Is there a way to make AzureAD the authoritative source, without having to recreate the groups in the cloud only? Basically cutting the ties to our on-premise AD, so we can delete the groups in our local AD without it affecting them in AzureAD?
The alternative (that I rather don't do) would be to delete them from on-premise, sync the deletion and then recreate them in the cloud. But that way we risk that our users get NDR messages until they delete their Outlook cache, which is quite a problem with 700 users.