SOLVED

Single Forest AD Sync to Multiple Azure AD

Deleted
Not applicable

Does anyone have any information on approved architecture for the following:

 

Single AD Forest to two disperate Azure AD Connect instances.  Each synced to different OUs.  Underlying issue is multiple tenants, one AD.  Ultimately would like to be able to sync single AD forest to both tenants, different OUs.  Any direction is appreciated.  

9 Replies
I would recommend asking this in Azure AD space at https://techcommunity.microsoft.com/t5/Azure-Active-Directory/bd-p/Azure-Active-Directory. I think that this space is for people to talk about the overall MS Tech Community.
best response confirmed by VI_Migration (Silver Contributor)
Solution

Yes, I've done this a few times. So long as the two Azure AD Connect instances are each on different servers, you will be fine. Will any users need to exist in both tenants? That's where things can get sticky.

 Let me know and I can send you some guidelines and starting points

Hi Max,

 

We want to migrate our office 365 tenant to another tenant because of a name change.

However, we want to keep our on premise AD.

This means both users will have to exist in both tenants.

That's why I'm very interested in your guidelines and starting points.

Is it possible to sent me some more information about this?

Thx

Hi Jo,

 

Here is the official article https://support.office.com/en-us/article/How-to-migrate-mailboxes-from-one-Office-365-tenant-to-anot...

 

But to migrate other workloads is better to use third party tools.

Hi Max,

 

how to configure Hybrid setup with single Exchange Organization to Multiple Office 365 Tenants. is it possible?? please share if you have some Documents.

@Max Fritz 

 Hi @Max Fritz,

 

You can only have one Hybrid per Tenant and you can only configure one Hybrid, so that scenario is not possible. 

Yeah, not possible

Please see this link for supported scenarios:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies

Adam

@Max Fritz 

 

Please can you help me for the scenario where a specific OU from AD will be synced to 2 Azure AD tenants. First tenant will have o365 Exchange, Sharepoint, the 2nd tenant will have o365 Power BI.

 

Users access to o365 from 1st Tenant and Power BI from 2nd Tenant both with MFA.

 

thanks
Sai

 

@Max Fritz Will any users need to exist in both tenants? That's where things can get sticky.

 

Microsoft has come a long way in this regards, but we are about to face this exact situation and I see no clear answer as to having two Azure AD Connect syncs look at the same OUs in the same forest.  With the potential for the same user object to exist in both tenants with different domains. Is this possible today? 

1 best response

Accepted Solutions
best response confirmed by VI_Migration (Silver Contributor)
Solution

Yes, I've done this a few times. So long as the two Azure AD Connect instances are each on different servers, you will be fine. Will any users need to exist in both tenants? That's where things can get sticky.

 Let me know and I can send you some guidelines and starting points

View solution in original post