Migrate DC SERVER to Azure AD

Zeeshan Peter 1 Reputation point
2022-12-23T11:55:21.14+00:00

Hi,
I hope you all are doing well.

We are using Active Directory with Windows Server 2012 on AWS, so at the moment we have to log in to Windows Server to create an account, and with Azure Connect the user is created on Office365.

We have bought Intune with an E3 license and all our systems are enrolled on Intune.

Can somebody explain how I can transfer/make the settings so that we can directly create Office365 users without having to log in to the DC? We no longer need GPO or any other settings from that server; all our deployments are done through Intune and we have integrated Okta to do the logins of users.

Microsoft Intune

3 answers

  1. Carlos Solís Salazar 18,171 Reputation points MVP
    2022-12-23T14:00:15.123+00:00

    Hi @Zeeshan Peter

    Thank you for asking this question on the **Microsoft Q&A Platform**.

    You can create a user directly in your Azure AD Connect, but the user will not synchronize on your Active Directory.

    Also, in your Intune, you must allow Azure AD Joined device/user.

    Hope this helps,

    ----------

    Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.

    NOTE: To answer you as quickly as possible, please mention me in your reply.

  2. Jordan Millama 1,376 Reputation points
    2022-12-23T14:14:05.647+00:00

    You'll need to utilize Azure AD Connect and enable Group Writeback. This will allow writing back to your on-premises Active Directory and essentially syncing groups and users between the two. See: how-to-connect-group-writeback-v2

    You may want to also enable Password Writeback; this will allow password resets from the admin portal or the use of self-service password reset and will ensure that it syncs and updates the user's on-premises AD password as well. This works both ways: resetting/changing a user's password in on-prem AD will sync with AAD. See: tutorial-enable-sspr-writeback

    ----------

    Please accept as an answer if this was helpful.

  3. Gayan Wimalarathne 181 Reputation points
    2022-12-25T03:27:41.197+00:00

    Hi @Zeeshan Peter, if you want to turn off directory synchronization and convert your synchronized users to cloud-only users, please follow this guide:

    https://learn.microsoft.com/en-us/microsoft-365/enterprise/turn-off-directory-synchronization?view=o365-worldwide

    Hope it helps.
