Move User to Different On-Prem AD But Keep Existing Synced O365 Email

WhatAmIDoingWrong 21 Reputation points
2023-01-04T15:37:59.35+00:00

We have two separate on-premise AD domains (Company1 and Company2--no trust set up between them) synchronizing to one Azure tenant and there are several users that will need to be moved from one on-premise AD domain to the other but, when I tried this in the past with several test accounts, I get synchronization errors or lost email.

Let's say John Doe used to be Company1 staff but now he's working for Company2 so I need to move his jdoe account from our Company1 AD to our Company2 AD but he would still need all his existing email. He used to log in as jdoe to a Company1 domain computer on premise but now he will be logging in to our Company2 domain computers on premise. If I remove his jdoe account in the on-prem Company1 AD and create it in the on-prem Company2 AD, he will be able to log into on-prem Company2 domain computers but, as soon as it synchronizes to O365, all of his existing jdoe@o365domain.com email will be gone.

I tried running ldifde -d "CN=jdoe,OU=OU_Name,DC=domain,DC=com" -f c:\User1.txt and then Set-MsolUser -UserPrincipalName jdoe@o365domain.com -ImmutableId H6qERZZZw0m+X+K+WIm+/P== but I couldn't get it to work. I couldn't find any information online where there are two on-prem domains syncing to O365 so I thought I'd ask for assistance.

How can I do this without causing synchronization errors or losing all his email? Thank you very much!

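Added example, not part of the original post or of any Microsoft tooling: the ImmutableId passed to Set-MsolUser in the question is the Base64 form of the account's 16-byte GUID, so the conversion and a match check can be run offline before anything is written to the tenant. It assumes objectGUID is the sync source anchor (a deployment anchored on ms-DS-ConsistencyGuid takes the value from that attribute instead); the function names and GUIDs are constructed for illustration.

```powershell
# Added example: offline, constructed GUIDs only; no directory or tenant is contacted.
# Assumption: the sync source anchor is objectGUID, as in the question's commands.

function ConvertTo-ImmutableId {
    param([Parameter(Mandatory)][guid]$ObjectGuid)
    # ToByteArray() returns the 16 bytes in the order AD stores objectGUID.
    [Convert]::ToBase64String($ObjectGuid.ToByteArray())
}

function ConvertFrom-ImmutableId {
    param([Parameter(Mandatory)][string]$ImmutableId)
    try   { $bytes = [Convert]::FromBase64String($ImmutableId) }
    catch { throw "ImmutableId '$ImmutableId' is not valid Base64." }
    if ($bytes.Length -ne 16) {
        throw "ImmutableId decodes to $($bytes.Length) bytes; a GUID needs 16."
    }
    [guid]::new([byte[]]$bytes)
}

function Test-AnchorMatch {
    # True when the cloud ImmutableId was derived from this on-prem objectGUID.
    param(
        [Parameter(Mandatory)][string]$ImmutableId,
        [Parameter(Mandatory)][guid]$ObjectGuid
    )
    (ConvertFrom-ImmutableId -ImmutableId $ImmutableId) -eq $ObjectGuid
}

# Constructed sample values standing in for the two jdoe accounts.
$company1Guid = [guid]'11111111-2222-3333-4444-555555555555'   # old Company1 object
$company2Guid = [guid]'aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee'   # new Company2 object

$cloudId = ConvertTo-ImmutableId -ObjectGuid $company1Guid   # what the tenant holds today
$newId   = ConvertTo-ImmutableId -ObjectGuid $company2Guid   # value a hard match would need

# Summary: the cloud anchor matches the old object, not the new one.
[pscustomobject]@{
    CloudImmutableId   = $cloudId
    MatchesCompany1    = Test-AnchorMatch -ImmutableId $cloudId -ObjectGuid $company1Guid
    MatchesCompany2    = Test-AnchorMatch -ImmutableId $cloudId -ObjectGuid $company2Guid
    ImmutableIdForMove = $newId
}
```

Running the same two checks against the real cloud value and the real Company2 objectGUID shows, before any change is made, which on-prem object the cloud user is currently anchored to.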

1 answer

  1. risolis 8,701 Reputation points
    2023-01-05T04:47:04.007+00:00

    Hello @WhatAmIDoingWrong

    Thank you for posting this concern on this community space.

    I am thinking of sharing the following link down below which might fit into your case scenario but if not, please correct me on this as well.

    https://learn.microsoft.com/en-us/microsoft-365/solutions/choose-domain-to-create-groups?view=o365-worldwide

    https://learn.microsoft.com/en-us/exchange/hybrid-deployment/set-up-microsoft-365-groups

    https://learn.microsoft.com/en-us/answers/questions/1147611/have-one-doubt-about-ad-connect-group-writeback-op.html

    Let me know if that was useful but if not, I can keep assisting you further.

    Looking forward to your feedback,

    Cheers,

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.