SOLVED

If I already have Azure AD, then I sign up for O365, can I select my existing Azure AD?

Hello

I know O365 used Azure AD as its identity store (possibly the first product to do so).

 

However if I already have an Azure AD tenant (using for various things like IaaS, and AD Connect from on-prem AD) 

 

Then I decide to sign up for O365. I do not want to end up with two cloud directories (e.g. Azure AD from my Azure tenant/subscription and another from my O365 tenant/subscription).

 

Otherwise I assume I would have to sync the on-prem AD users to two directories instead of one.

 

Any advice on this is most welcome.

 

Thanks

JoJacksons

 

9 Replies

Thanks for the reply Ian 

 

This goes some way towards answering my question

 

Looks like there is no way around having two instances of Azure AD, one for O365 and one for Azure, which is a real shame. It looks like you have to invite yourself to be a global admin from the Azure AD to your O365 AD so you can manage both.

 

My bigger issue is this

 

If I have an on-premise AD (like most people) and sync my AD users to Azure AD using AD Connect (again a common scenario) so I can then give these synced users access to cloud apps under MyApps.Microsoft.com, e.g. Box or other apps.

 

Then later I want to add O365 but 'for the same set of users', e.g. the users that are synced from on-premise to Azure AD, but I end up with a separate cloud directory (e.g. the one backing O365). It is logical this separate O365 directory will have no knowledge of the users already synced to Azure AD (e.g. the ones with Box and other apps under their MyApps portal) as they will be in a separate tenant, meaning somehow I will have to sync the users again using AD Connect, but this time to O365 instead of Azure AD, so I would have two syncs going side-by-side from on-premise AD to Azure AD and O365 AD.

 

Unless I am missing something here, that would logically appear to be how it is set up.

 

Any further advice is most welcome.

JoJacksons

 

I don't think so. When I log on to my instance of Azure AD, which was merged some time ago with my Office 365 AAD instance, I can see and manage my users that were added in Office 365. These Office 365 users were added as cloud accounts as I no longer run a local AD, but I can't see that this would matter.

Hello Ian

 

Thanks again for taking the time to reply, in your last reply you said

 

"merged some time ago with  my Office 365 AAD instance"

 

How do you mean 'merged'? As far as I am aware they are two separate tenants and therefore two separate directories.

 

Please elaborate, thanks very much.

 

JoJacksons

 

Hello Ian

 

Thanks for taking the time to reply, much appreciated 

 

When you say in your reply "When I logon to my instance of Azure AD, which was merged some time ago with my Office 365 AAD instance", what do you mean by 'merged'? I thought there were two separate tenants and therefore two separate directories, or do you mean you can manage them from one, please?

 

Please elaborate, 

Thanks very much

JoJacksons

No, you’re right, 2 directories still exist; merge is a term used by Microsoft in that link I sent you.

best response confirmed by Jo jacksons (Copper Contributor)
Solution

Hi Jo,

 

You can add an O365 subscription to your existing Azure subscription as described in the following link.

https://docs.microsoft.com/en-us/azure/billing/billing-use-existing-azure-account-for-office-365-sub...

This way you only have one Azure AD directory which is synced with your local AD.

 

Best regards,

Ruud Gijsbers

Thanks very much Ian and Ruud, much appreciated.

 

JoJacksons
