How to correctly implement Entra ID Connect sync when users already exist in Entra ID as cloud users?


Hi Everyone,

I have a small on-premises Exchange Server 2016 setup which we're planning to make hybrid. We do have an O365 environment (Business Standard licensed) which is independent, as users signed in for Teams and SharePoint Online usage. We now have to implement Entra ID Connect (Azure AD Connect) to facilitate the Exchange Hybrid deployment.

 

My questions are:

1. These users currently exist in Entra ID as cloud accounts (as they've been using cloud apps such as Teams and SPO, with their Windows 10 devices joined to Entra ID). Will there be any issues when sync is configured (i.e. duplicate identity errors etc.)?

2. What's the best approach to implement Entra ID Connect and sync these users from AD to Entra ID without having to remove these accounts from Entra ID?

 

Any inputs are highly appreciated ! 

 

Thank you!

2 Replies

@Curious_Kevin16 

 

Hi,

 

Have a read of the following, as the "easiest" path for you will likely be soft-matching on the userPrincipalName:

You might also benefit from reading the following which describes the importance of the nominated source anchor within the AAD Connect configuration, but the userPrincipalName soft-matching is still the prudent path for you to take.

Regardless of your starting point, there's no reason you should end up with duplicates. That will only happen if you haven't planned properly around anchors and domain namespaces.

 

Cheers,

Lain
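As an added, read-only example (not part of Lain's reply or any Microsoft tooling), the PowerShell below previews how the first Entra Connect sync would match each on-premises AD user against the cloud-only accounts that already exist in the tenant. It applies the documented matching order: a hard match on the source anchor (mS-DS-ConsistencyGuid if populated, otherwise objectGUID, base64-encoded as ImmutableId), then a soft match on userPrincipalName or primary SMTP address, which only succeeds when the cloud object has no ImmutableId set and the UPN suffix is a verified tenant domain. The OU path in `$SearchBase` is a placeholder and the module names assume the Microsoft.Graph SDK and RSAT ActiveDirectory module are installed. Nothing is written to AD or Entra ID.

```powershell
#Requires -Modules ActiveDirectory, Microsoft.Graph.Users, Microsoft.Graph.Identity.DirectoryManagement
# Added example, not from the thread: dry-run of Entra Connect matching outcomes
# (hard match, soft match, blocked soft match, new object) before the first sync.

function Get-EntraMatchPreview {
    param(
        # AD search base for the users that will be in sync scope (assumed OU, adjust to your forest)
        [string]$SearchBase = 'OU=Users,DC=corp,DC=contoso,DC=com'
    )

    Connect-MgGraph -Scopes 'User.Read.All', 'Domain.Read.All' -NoWelcome

    # UPN suffixes verified in the tenant. An unverified suffix is rewritten to
    # <tenant>.onmicrosoft.com at sync time, so a UPN soft match on it cannot succeed.
    $verified = (Get-MgDomain -All | Where-Object { $_.IsVerified }).Id

    $cloud = Get-MgUser -All -Property Id, UserPrincipalName, OnPremisesImmutableId, OnPremisesSyncEnabled, ProxyAddresses

    # Index cloud users by the attributes the matching logic uses:
    # ImmutableId (hard match), UPN and primary SMTP address (soft match).
    $byAnchor = @{}; $byUpn = @{}; $bySmtp = @{}
    foreach ($u in $cloud) {
        if ($u.OnPremisesImmutableId) { $byAnchor[$u.OnPremisesImmutableId] = $u }
        if ($u.UserPrincipalName)     { $byUpn[$u.UserPrincipalName.ToLowerInvariant()] = $u }
        foreach ($p in $u.ProxyAddresses) {
            # Upper-case "SMTP:" marks the primary address; -clike keeps the comparison case-sensitive
            if ($p -clike 'SMTP:*') { $bySmtp[$p.Substring(5).ToLowerInvariant()] = $u }
        }
    }

    $adUsers = Get-ADUser -Filter 'Enabled -eq $true' -SearchBase $SearchBase `
        -Properties userPrincipalName, proxyAddresses, 'mS-DS-ConsistencyGuid', objectGUID

    foreach ($ad in $adUsers) {
        # Source anchor as Entra Connect computes it: mS-DS-ConsistencyGuid if already
        # populated, otherwise objectGUID; base64 of the GUID bytes becomes ImmutableId.
        $guidBytes = if ($ad.'mS-DS-ConsistencyGuid') { [byte[]]$ad.'mS-DS-ConsistencyGuid' } else { $ad.ObjectGUID.ToByteArray() }
        $anchor    = [Convert]::ToBase64String($guidBytes)

        $upn    = if ($ad.UserPrincipalName) { $ad.UserPrincipalName.ToLowerInvariant() } else { $null }
        $suffix = if ($upn) { $upn.Split('@')[1] } else { $null }
        $smtp   = $ad.proxyAddresses | Where-Object { $_ -clike 'SMTP:*' } | Select-Object -First 1
        if ($smtp) { $smtp = $smtp.Substring(5).ToLowerInvariant() }

        # Soft-match candidate: UPN first, then primary SMTP
        $candidate = $null
        if ($upn -and $byUpn.ContainsKey($upn))        { $candidate = $byUpn[$upn] }
        elseif ($smtp -and $bySmtp.ContainsKey($smtp)) { $candidate = $bySmtp[$smtp] }

        $outcome = if ($byAnchor.ContainsKey($anchor)) { 'HardMatch: a cloud user already carries this ImmutableId' }
        elseif (-not $upn)                             { 'NoUpn: populate userPrincipalName in AD before syncing' }
        elseif ($suffix -notin $verified)              { "UpnSuffixNotVerified: $suffix is not a verified tenant domain" }
        elseif ($candidate -and $candidate.OnPremisesImmutableId) { 'Conflict: matching cloud user has a different ImmutableId, soft match is blocked' }
        elseif ($candidate)                            { 'SoftMatch: sync will take over the existing cloud user' }
        else                                           { 'NewObject: no cloud user matches, a new account will be created' }

        [pscustomobject]@{
            AdUser          = $ad.SamAccountName
            Upn             = $ad.UserPrincipalName
            PredictedAnchor = $anchor
            CloudUser       = if ($candidate) { $candidate.UserPrincipalName } else { '' }
            Outcome         = $outcome
        }
    }
}

Get-EntraMatchPreview | Format-Table -AutoSize
```

Run it from a domain-joined admin workstation before enabling the sync. Every row should read SoftMatch (or HardMatch where an ImmutableId was previously stamped); a Conflict row means a cloud account already has an ImmutableId that does not correspond to the AD object and must be cleared or corrected first, and a NewObject row is exactly the case that produces the duplicate accounts the original poster is worried about, usually because the AD UPN or primary SMTP does not match the cloud UPN or the suffix is not verified in the tenant.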

I think it's best to go with cloud sync instead of Connect. This, in fact, ensures that your Azure AD remains leading. More info:

https://learn.microsoft.com/en-us/entra/identity/hybrid/cloud-sync/what-is-cloud-sync