@Michael185 Usually you'd set up Azure AD Connect or Azure AD Cloud Sync to enable hybrid identities. This would synchronize the users in the local Active Directory into Azure AD, which is used to power services like Exchange Online. You could do all kinds of fancy stuff, but in your case, if the idea is just to keep the users identity the same, above should work. Within the local domain the AD user can be used for sharing permissions, and the same username can be used to sign into eg. Exchange Online/mail.

For more information on various topics related to hybrid identity, please have a look here.

You need to have the *.local domain run in Hybrid mode with outlook.com (Azure/Office365).

One way to achieve that would be to use Hybrid Azure Active Directory join.

However, In order to configure Hybrid Azure Active Directory join, it is a necessary to meet the following requirements:

• Azure AD Connect
• Access to Credentials of Global Administrator for your Azure AD Tenant
• Enterprise Administrator credentials for each of the forests

In below documentation, it is important to note that configurations are based utilizing Wizard in Azure AD Connect. Moreover, in order to use Hybrid Azure AD join, it is required that the devices on which it is being employed would have access to the following Microsoft Resources to organization’s network.:

• https://enterpriseregistration.windows.net
• https://login.microsoftonline.com
• https://device.login.microsoftonline.com
• https://autologon.microsoftazuread-sso.com

In order to further view the documentation, you can visit on Microsoft’s documentation link:

https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-managed-domains