Existing Azure AD sync to new local AD

kahuna6370 · 2020-03-24T00:46:56.000Z

Hello, we have an existing Azure AD / Office 365 environment with a few hundred users and are adding local servers. We are looking to connect all this into a hybrid environment. Looking to be able to sync passwords and ideally authenticate against the Azure or local.

Sounds like we are looking at PTA and SSO from what I am reading. Does that sound right and any good guides on how to get that done?

Most everything we’ve seen is more focused on syncing local AD to Azure, but right now we want to pull info and passwords back from Azure and be able to authenticate in both places if possible. We are of course worried about screwing this up and doing something that will wipe out Azure data or passwords.

I’d appreciate any help of guidance on getting this done. Thanks

lesliemaclachlan2 · 2020-03-24T12:09:32.000Z

Hi,

If you sync AD with Azure AD using AD Connect, your local AD will always be authoritative. You can log into azure, and use your normal AD user UPN and password to log into AD as Azure AD will reference your on site AD.

Regards,

Leslie

kahuna6370 · 2020-03-26T22:10:40.000Z

Thanks, I have read that. The thing I am wondering is if there is a way to do an initial sync of some type to pull down users and passwords to local AD that way when we start syncing with AD Connect we won’t reset passwords for everyone.