We are looking to move our customers who have an on-prem AD over to using Microsoft 365 and using the Windows 10 enterprise subscription for activation where the M365 users activate the enterprise licence. I have got this working in our simpler scenario using Azure AD Connect to hybrid join on-prem AD computers and users to the AAD and setting the user UPN as the on-prem ADs are non-routable domains.
I am now trying to get the subscription activation to work with an Office 365 tenancy which is federated with our own identity provider (we are a 3rd party idp that works with Office 365 and AAD). I have tried with users created and sync'd in the AAD via our idp and they appear to be correct in the AAD but windows 10 doesn't activate when the user logs on. The on-prem AD users have the UPN set correctly and I have configured Azure AD Connect to only sync an OU with computers and not any of the users.
Does anyone have experience of doing this with any 3rd party Idps? Is it possible or are there things we need to change?
We have got this working now. There was a mis-configuration where the Active Directory SCP entry was left pointing to a previous Office 365 test domain so the computer was still Azure AD joined to this old Office 365 tenancy but Azure AD Connect had replicated it to the new Office 365 tenancy I was using and the computer showed up in there as well.
On the computer it is a good idea to use dsregcmd /status and check the tenancy ID that it is joined to if you are having issues and have been used different tenancies.