Feb 14 2021 08:41 AM
Hello all,
We are about to create a new on-premises AD domain in a company that already had Office 365, and now they want to manage internal infrastructure. We have found several resources on how to do it; however, there are some gray areas:
1. Is there a way, when syncing Office 365 users to on-prem, to allow the users to keep their (already known) Office 365 password to log in to their workstations?
2. What do we need to do afterwards to have Azure AD sync for the local AD and the O365 (keep in mind that we are looking to use the free Azure AD, based on our Office 365 subscriptions)?
Thanks in advance
Best regards
K
Feb 15 2021 09:42 AM
Sync is one-directional only, *from* on-premises AD to Azure AD. You cannot do it in the other direction. The usual workaround is to export/import the objects via PowerShell or use third-party tools that do the same.
Feb 22 2021 02:42 PM
Thank you very much @VasilMichev
One area of concern: what happens to Office 365 users that I choose not to sync from on premises AD > Office 365 AD?
To be more specific, I don't need all the users of the Office 365 AD to be a part of the on-premises AD, so when I got a CSV from Office 365 AD, I did not import all the users in the local AD.
What will happen to those users after the first initial sync? Will they be deleted from Office 365 AD or remain "cloud-only"?
Best regards
K
Feb 23 2021 12:55 AM
Feb 23 2021 08:26 AM
Solution: Yes, unless they get matched with an on-premises object (based on Primary SMTP address/UPN).
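An added example, not written by anyone in this thread: an offline PowerShell check that predicts, before the first sync, which cloud users would be matched to an on-premises object by primary SMTP address or UPN, the two attributes the answer above names. The CSV column names, the `Get-SyncMatchReport` function name and all sample rows are constructed assumptions; the comparison is case-insensitive and nothing here contacts AD or Azure AD.

```powershell
# Added example: offline pre-sync match check. All sample rows are constructed.
# Column names (UserPrincipalName, PrimarySmtpAddress, SamAccountName) are
# assumptions about how the two exports were produced; adjust to your headers.

$cloudUsers = @'
UserPrincipalName,PrimarySmtpAddress
alice@contoso.example,alice@contoso.example
bob@contoso.example,robert@contoso.example
carol@contoso.example,carol@contoso.example
'@ | ConvertFrom-Csv

$onPremUsers = @'
SamAccountName,UserPrincipalName,PrimarySmtpAddress
alice,alice@contoso.example,alice@contoso.example
bob,bob@corp.local,robert@contoso.example
dave,dave@contoso.example,dave@contoso.example
'@ | ConvertFrom-Csv

function Get-SyncMatchReport {
    param(
        [Parameter(Mandatory)] [object[]] $CloudUsers,
        [Parameter(Mandatory)] [object[]] $OnPremUsers
    )
    # Index on-premises objects by each attribute.
    # Hashtables created with @{} compare string keys case-insensitively.
    $bySmtp = @{}
    $byUpn  = @{}
    foreach ($u in $OnPremUsers) {
        if ($u.PrimarySmtpAddress) { $bySmtp[$u.PrimarySmtpAddress.Trim()] = $u }
        if ($u.UserPrincipalName)  { $byUpn[$u.UserPrincipalName.Trim()]   = $u }
    }
    foreach ($c in $CloudUsers) {
        $smtp = "$($c.PrimarySmtpAddress)".Trim()
        $upn  = "$($c.UserPrincipalName)".Trim()
        $hit = $null; $on = 'None'
        # Check primary SMTP address first, then fall back to UPN.
        if ($smtp -and $bySmtp.ContainsKey($smtp)) { $hit = $bySmtp[$smtp]; $on = 'PrimarySmtp' }
        elseif ($upn -and $byUpn.ContainsKey($upn)) { $hit = $byUpn[$upn]; $on = 'UPN' }
        [pscustomobject]@{
            CloudUser     = $upn
            MatchedOn     = $on
            OnPremAccount = if ($hit) { $hit.SamAccountName } else { $null }
        }
    }
}

Get-SyncMatchReport -CloudUsers $cloudUsers -OnPremUsers $onPremUsers | Format-Table -AutoSize
```

Rows reported with `MatchedOn` set to `None` are the cloud users that have no on-premises counterpart on either attribute; review that list before enabling the first sync.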
Feb 23 2021 10:07 PM
Thank you @VasilMichev
What I noticed is this: when the user is moved to a non-syncing OU, it's moved to Deleted Users of Office 365 after the next delta sync. When the user is restored, its password needs to be changed in order to become cloud-only.
Best regards
K