Microsoft Tech Community

Is it possible to sync a newly created Azure AD user back to on-premises?


Hi,

Is it possible to sync a newly created Azure AD user back to on-premises AD? We would like to shift our user management from on-premises to the cloud but we still have (legacy) applications that need an AD user.

I searched Microsoft Docs but could not find a clear answer.

Regards,

DJITS.

3 Replies

@Diederik Janson

Maybe this info will help you, if not please just ignore it.

Azure AD Connect user sign-in options

https://docs.microsoft.com/en-gb/azure/active-directory/hybrid/plan-connect-user-signin

I would be happy to know if I could help.

Nikolino
I know I don't know anything (Socrates)

Sync is one-way only, from AD to Azure AD. You can easily export/import users and other object types and their properties via PowerShell.

Yes, see soft matching here: https://dirteam.com/sander/2020/03/27/explained-user-hard-matching-and-soft-matching-in-azure-ad-con...

Basically, the login or UPN and primary e-mail address match and it'll link them together. Just remember when you do this, their login will break, so it's important to make sure their passwords match as well when you do it, but we used this method to take our Azure accounts and put them in local AD.

Assuming the local account doesn't exist and you are creating a new one? If you are using an existing one, and it has Exchange attributes or anything else crazy about it, you might have to take more things into consideration.
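The soft-match approach in the reply above, as an added example (not code from the thread): it creates the on-premises AD user with the same userPrincipalName and primary SMTP proxy address as the cloud account, refuses to create a second object if one already carries those values, and reads the attributes back so they can be checked against the cloud object before the next Azure AD Connect sync. It assumes the RSAT ActiveDirectory module; the OU path and the sample values are placeholders.

```powershell
# Added example, not from the thread. Assumes the RSAT ActiveDirectory module.
Import-Module ActiveDirectory

function New-SoftMatchCandidate {
    param(
        [Parameter(Mandatory)] [string] $UserPrincipalName,   # must equal the cloud user's UPN
        [Parameter(Mandatory)] [string] $PrimarySmtp,         # must equal the cloud user's primary SMTP
        [Parameter(Mandatory)] [string] $SamAccountName,
        [Parameter(Mandatory)] [securestring] $Password,      # same password as the cloud account, so sign-in keeps working
        [string] $OuPath = 'OU=CloudFirst,DC=example,DC=com'  # placeholder, replace with your OU
    )

    # Soft matching keys on userPrincipalName and the primary SMTP address.
    # If an AD object already carries either value, creating another one would
    # leave two objects competing for the same cloud user, so stop here.
    $filter = "userPrincipalName -eq '$UserPrincipalName' -or proxyAddresses -eq 'SMTP:$PrimarySmtp'"
    $clash = Get-ADUser -Filter $filter -Properties userPrincipalName, proxyAddresses
    if ($clash) {
        throw "An AD user already carries this UPN or primary SMTP: $($clash.DistinguishedName)"
    }

    New-ADUser -Name $SamAccountName `
               -SamAccountName $SamAccountName `
               -UserPrincipalName $UserPrincipalName `
               -EmailAddress $PrimarySmtp `
               -OtherAttributes @{ proxyAddresses = "SMTP:$PrimarySmtp" } `
               -AccountPassword $Password `
               -Enabled $true `
               -Path $OuPath

    # Return the attributes Azure AD Connect will compare, so they can be
    # verified against the cloud object before the next sync cycle runs.
    Get-ADUser -Identity $SamAccountName -Properties userPrincipalName, mail, proxyAddresses |
        Select-Object SamAccountName, UserPrincipalName, mail, proxyAddresses
}

# Example invocation (constructed values):
# $pw = Read-Host -AsSecureString 'Password matching the cloud account'
# New-SoftMatchCandidate -UserPrincipalName 'jane.doe@example.com' `
#                        -PrimarySmtp 'jane.doe@example.com' `
#                        -SamAccountName 'jane.doe' -Password $pw
```

The UPN suffix has to be a domain verified in the Azure AD tenant, otherwise the synced object will not line up with the cloud user.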