Aug 12 2020 05:46 AM
We're a small business of about 15 people, and have just moved to Microsoft 365 for email, and with it has come AAD user management which makes my life simple.
We have some simple file shares that are managed with local accounts. I'd like to move to on-prem AD with AAD Connect, and then assign these AAD users ("email accounts") to the various folders to handle permissions.
My current understanding is that AAD cant do user write back to on-prem, at all, and doing password and group writeback to on-prem requires the 'premium' tier of AAD, at $8/user/mo?
This seems both very convoluted (I am doing up a PS script to pull users back from AAD) and also incredibly expensive to simple have AAD users assigned to on-prem file shares. I'm hoping occam's razor applies here, and I've missed something simple?
Aug 13 2020 02:27 AM
Aug 13 2020 04:49 AM
Aug 13 2020 08:21 AM
@andrewvinci it seems you are now using AAD as primary user repo and authentication engine, therefore, it might be easier to either ask for the passwords, or move the file shares to the cloud that would be the best solution but not the cheapest one 🙂
Regards,
Charbel Hanna
Aug 25 2020 07:02 PM
@Charbelhanna Hello Charbel,
Thanks for the reply. Actually moving files to the cloud is technically and functionally impossible for us.
I have asked for some help on this, but i don't think there is a solution. https://techcommunity.microsoft.com/t5/sharepoint/sharing-a-shortcut-and-hyperlink-in-file-explorer/...
The issue is a lot of our core files need sharable location paths. A simple example is a folder path for an excel macro. There is no way we can get a path for User A that is the same as User B. Unfortunately this is preventing our move to cloud folders.
I have just resorted to asking users for passwords. It just looks incredibly unprofessional and people are wondering why Microsoft has such a half baked solution. I tell them it costs $10/user/mo to sync passwords, and now they just think Microsoft is stingy haha.