Sync Office365 with AD

Occasional Contributor

Hi ,

Could you help me please how I can sync existing Office365 AD with existing AD on-premise, the problem is the person who was doing maintenance this, he added users and group separately first on AD on-premise and after that he added users on Office365, I can expect with different passwords on  .. how I can synchronize so that on both sides nothing remove


thank you very much,

9 Replies

You have to "match" the users, either via Primary SMTP Address (soft match) or via objectGUID (hard match). Here are links with more detail:

@Vasil Michev  thank you for answer, could you tell me please how I can protect if something going wrong , I mean how I can role back ? do I have any risk to lost emails or ...?


thank you very much,


There's no rolling back, the accounts will be "linked". You can always backup any email/documents first.

@Vasil Michev thank you for answer, could you tell me please I choose hard match way one by one sync AD account with existing office365 accounts  , but how about user groups how I can create on premise and sync with my existing groups on Azure AD


thank you very much for your help

There is no "matching" process for groups, if you want to manage them centrally you'll have to sync them, and optionally remove the cloud-created ones.

@Vasil Michev  thank you for your help , i have a question if I choose hard match sync one by one , and I saw in Office 365 have two SMTP:**** (ok one is they do not use just received email) and one X400:  or X500 what is it ? 


thank you

Hard-match is based on the objectGUID, not SMTP. Soft-match is for primary SMTP address, so the capital-case SMTP address.

@Vasil Michev thank you for your help