Apr 16 2021 - last edited on Jan 14 2022
I am trying to find an easy solution for the following scenario:
I have tenant A and tenant B.
I would like to sync or copy all the users from tenant A to tenant B as guests. Easy so far.
The main problem is that every time a user is removed from tenant A, I would need them to be automatically removed from tenant B as well.
Does anyone have any idea of how this could be achieved in an easy way?
Apr 16 2021 09:15 AM
Apr 16 2021 10:12 AM
Apr 18 2021 03:49 PM
Apr 19 2021 01:51 AM
Hi @ramonabadea,
I believe that AAD Connect uses the MIM synchronization engine "under the hood", but the tool doesn't work for cross AAD tenant sync. If you choose to use MIM, as long as you have AAD P1 or P2 licenses (and a Windows Server OS license), you should be able to use it: https://azure.microsoft.com/en-us/pricing/details/active-directory/
The "Multi-tenant User Collaboration Patterns..." whitepaper talks about three distinct scenarios with different solutions. From your initial description I would think that the "Scripted collaboration" scenario (with Delta Queries and MS Graph) would be a good fit for you, unless you require more advanced features for M365. Or have you concluded you need those advanced features?
Apr 19 2021 06:38 AM
Apr 19 2021 06:56 AM Solution
I would personally avoid using the "resource tenant" pattern if there are only two tenants in the picture; I like simplicity.
I am not aware of any plans to decommission MIM as a product but anyway, if I were you, I would explore the Scripted collaboration option and use e.g. Azure Functions (PowerShell) to implement this "push" automation using Delta Query.
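A sketch of the Delta Query reconciliation step suggested above, added here as an example and not code from any poster in the thread. It turns constructed `/users/delta` response pages from tenant A into a list of guests to remove from tenant B; the `Get-GuestSyncPlan` function, the sample ids, and the saved id mapping are assumptions made for illustration.

```powershell
# Added example. The JSON pages are constructed samples of GET /users/delta
# responses from tenant A; a real run would fetch them with Invoke-RestMethod.
$pages = @(
    '{"@odata.nextLink":"https://graph.microsoft.com/v1.0/users/delta?$skiptoken=SAMPLE",
      "value":[{"id":"a-001","mail":"alice@tenanta.example"},
               {"id":"a-002","@removed":{"reason":"changed"}}]}',
    '{"@odata.deltaLink":"https://graph.microsoft.com/v1.0/users/delta?$deltatoken=SAMPLE",
      "value":[{"id":"a-003","@removed":{"reason":"deleted"}},
               {"id":"a-004","mail":"dan@tenanta.example"},
               {"id":"a-009","@removed":{"reason":"deleted"}}]}'
)
# Hypothetical state saved at invite time: tenant A object id -> tenant B guest id.
$guestMap = @{ 'a-001' = 'b-101'; 'a-002' = 'b-102'; 'a-003' = 'b-103' }

function Get-GuestSyncPlan {
    param([string[]]$DeltaPages, [hashtable]$GuestMap)
    $plan = [ordered]@{ ToInvite = @(); ToRemove = @(); Unmapped = @(); DeltaLink = $null }
    foreach ($json in $DeltaPages) {
        $page = $json | ConvertFrom-Json
        foreach ($user in $page.value) {
            if ($user.PSObject.Properties['@removed']) {
                # Removed entries carry only the tenant A id, so the guest in
                # tenant B has to be found through the saved mapping.
                if ($GuestMap.ContainsKey($user.id)) {
                    $plan.ToRemove += [pscustomobject]@{
                        SourceId = $user.id
                        GuestId  = $GuestMap[$user.id]
                        Reason   = $user.'@removed'.reason  # changed = soft-deleted
                    }
                } else { $plan.Unmapped += $user.id }       # log and review
            } elseif (-not $GuestMap.ContainsKey($user.id)) {
                $plan.ToInvite += $user.mail                # new user, no guest yet
            }
        }
        $link = $page.PSObject.Properties['@odata.deltaLink']
        if ($link) { $plan.DeltaLink = $link.Value }
    }
    # Without a deltaLink the paging was incomplete; acting on it could miss removals.
    if (-not $plan.DeltaLink) { throw 'Delta paging incomplete: no @odata.deltaLink seen.' }
    [pscustomobject]$plan
}

$plan = Get-GuestSyncPlan -DeltaPages $pages -GuestMap $guestMap
$plan.ToRemove | Format-Table SourceId, GuestId, Reason
"Invite: $($plan.ToInvite -join ', ')  Unmapped: $($plan.Unmapped -join ', ')"
# Next (not run here): delete each GuestId in tenant B, then save $plan.DeltaLink.
```

In a delta response, a `changed` reason means the user was soft-deleted in tenant A and can still be restored, while `deleted` means the object is permanently gone.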