Hi @DW-Admin ,
Thank you for posting your query on Microsoft Q&A. Please find below the answers to your queries inline:
- Suggestions for additional preparation steps: Kindly follow Prerequisites for Azure AD Connect and Admin role considerations for validating both on-prem and Azure.
- What is the best way to link the user's on-prem account with their Azure account? Here are the things to take care of to Sync with existing users in Azure AD.
- What issues\concerns should I be aware of before starting the sync?
  - Since all attributes in Azure AD are going to be overwritten by the on-premises value, make sure you have good data on-premises. For example, if you have only managed the email address in Microsoft 365 and not kept it updated in on-premises AD DS, then you lose any values in Azure AD/Microsoft 365 not present in AD DS.
  - If you use password sync, which is always used by express settings, then the password in Azure AD is overwritten with the password in on-premises AD. If your users are used to managing different passwords, then you need to inform them that they should use the on-premises password when you have installed Connect.
  - For mail-enabled groups and contacts, you can soft-match based on proxyAddresses. Hard-match is not applicable since you can only update the sourceAnchor/immutableID (using PowerShell) on Users only. For groups that aren't mail-enabled, there is currently no support for soft-match or hard-match.
Please do let me know if you have any further queries in the comments section.
Thanks,
Akshay Kaushik
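A pre-sync check for the points in the answer above, as an added example that is not part of the original answer: it previews which on-premises users would soft-match an existing cloud user, which cloud values an empty on-premises attribute would overwrite, and the base64 objectGUID value used as immutableID when objectGUID is the sourceAnchor. The sample rows, the property names (Sam, Mail, Mobile) and the simplified match rule (same UPN or primary SMTP address, cloud object without an immutableID) are assumptions.

```powershell
# Constructed sample rows; real input would be exports of on-premises AD DS
# users and of the existing cloud users. Property names are assumptions.
$onPrem = @(
    [pscustomobject]@{ Sam = 'alice'; UPN = 'alice@contoso.example'; Mobile = ''
        ObjectGuid = [guid]'3f2504e0-4f89-11d3-9a0c-0305e82c3301'
        ProxyAddresses = @('SMTP:alice@contoso.example', 'smtp:asmith@contoso.example') }
    [pscustomobject]@{ Sam = 'bob'; UPN = 'bob@corp.local'; Mobile = '+1 555 0101'
        ObjectGuid = [guid]'9b2c7c1e-0f4a-4c55-8d3e-6a1f2b3c4d5e'
        ProxyAddresses = @('SMTP:bob@contoso.example') }
    [pscustomobject]@{ Sam = 'dave'; UPN = 'dave@contoso.example'; Mobile = ''
        ObjectGuid = [guid]'c0ffee00-1234-4abc-9def-0123456789ab'
        ProxyAddresses = @() }
)
$cloud = @(
    [pscustomobject]@{ UPN = 'alice@contoso.example'; Mail = 'alice@contoso.example'; ImmutableId = $null; Mobile = '+1 555 0100' }
    [pscustomobject]@{ UPN = 'bob@contoso.onmicrosoft.com'; Mail = 'bob@contoso.example'; ImmutableId = $null; Mobile = '+1 555 0101' }
)

function Get-PrimarySmtp($ProxyAddresses) {
    # The primary address carries the upper-case "SMTP:" prefix; aliases use "smtp:".
    $p = $ProxyAddresses | Where-Object { $_ -clike 'SMTP:*' } | Select-Object -First 1
    if ($p) { $p.Substring(5) }
}

function Get-SyncPreview($OnPrem, $Cloud, $Attributes = @('Mobile')) {
    foreach ($u in $OnPrem) {
        $smtp = Get-PrimarySmtp $u.ProxyAddresses
        # Simplified soft-match rule (assumption): only cloud objects that have
        # no immutableID yet, matched on UPN or primary SMTP address.
        $match = $Cloud | Where-Object {
            -not $_.ImmutableId -and ($_.UPN -eq $u.UPN -or ($smtp -and $_.Mail -eq $smtp))
        } | Select-Object -First 1
        $lost = @()
        if ($match) {
            # Cloud-only values: empty on-premises, populated in the cloud.
            $lost = @($Attributes | Where-Object { -not $u.$_ -and $match.$_ })
        }
        [pscustomobject]@{
            OnPremUser  = $u.Sam
            CloudMatch  = $match.UPN
            LostValues  = $lost -join ','
            # Hard-match value when objectGUID is the sourceAnchor.
            ImmutableId = [Convert]::ToBase64String($u.ObjectGuid.ToByteArray())
        }
    }
}

Get-SyncPreview -OnPrem $onPrem -Cloud $cloud | Format-Table -AutoSize
```

Rows with an empty CloudMatch would be created as new cloud users; rows with a non-empty LostValues need the on-premises attribute populated before the first sync.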