New AD azure configuration question

Daniele W 1 Reputation point
2020-11-27T15:15:07.91+00:00

Hello,

For a new company installation.

I've a local AD Controller SERVER 2016 with the following forest created:
domain.ZZZ.com

I want to connect this AD Controller to Azure AD as I'm running Office 365 Business Standard. I want to run an hybrid AD solution.

Running Azure Ad Connect express setup it shows me:

--------------------------------------------------------

Active Directory UPN Suffix | Azure AD Domain

domain.ZZZ.com | Not Added
ZZZ.com | Verified

----------------------------------------------------------

43160-image.png

If I continue do my users need to auth with @keyman .ZZZ.com instead of @ZZZ.com ?
I want to give the them the best experience possibile, and I decided for the hybrid solution to have same login experience.

Let me know how you would proceed.. Do I have to remove domain.ZZZ.com ?

Thanks for the help,

Daniele

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,063 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Abhijeet-MSFT 546 Reputation points Microsoft Employee
    2020-11-28T14:12:37.067+00:00

    Hi @Daniele W , if you check the checkbox and hit next, users will have to sign in to Azure resources using upn@zzz.com and to access onprem resources they will have to use upn@keyman .zzz.com. If you would like to provide the users with a seamless experience, either add @keyman .zzz.com on azure as a verified domain or add users in the onpremise AD as upn@zzz.com

    1 person found this answer helpful.