Mar 04 2019
We have a parent domain in AD: abc.com and a child domain: abc.india.com (both are syncing to Office 365).
There were user accounts created in the child domain, which also has the Windows login for users.
Their accounts in AD: firstname.lastname@example.org
They synced to Office 365 > Their accounts became email@example.com on O365
We created the same accounts in the parent domain with username: firstname.lastname@example.org
They synced to Office 365 > Their accounts became email@example.com on O365
Licenses were assigned to the accounts in parent domain: firstname.lastname@example.org
Now users with abc.in domain on O365 are active and have mailboxes. (Syncing with parent domain)
These users are unlicensed with domain: abc.onmicrosoft.com (Syncing with child domain)
If we do a password sync from child domain, it gets applied to the unlicensed user.
We want to make sure that all the users are active from the child domain and that we are able to do password sync successfully without impacting any data or Windows logon.
I tried the following steps:
Reproduced the issue with a new user
I moved the user from the parent domain to a non-syncing OU.
I moved the user from the child domain to a non-syncing OU.
Both users moved to deleted users.
I restored the one with abc.IN domain which became an in-cloud user.
Then ran the following command:
Get-MsolUser -ReturnDeletedUsers | Set-MsolUser -ImmutableId "" -UserPrincipalName "email@example.com"
I tried to move the user to the syncing OU in the child domain: it appeared on O365 as firstname.lastname@example.org.
Now I want to make sure that once I move the user from the non-syncing OU to the syncing OU in the child domain again, that user merges with the username on Office 365 (email@example.com)
with the common username (as all the users have common usernames).
Any help would be appreciated on this.