New AD azure configuration question

Daniele W 1 Reputation point


For a new company installation.

I've a local AD Controller SERVER 2016 with the following forest created:

I want to connect this AD Controller to Azure AD as I'm running Office 365 Business Standard. I want to run an hybrid AD solution.

Running Azure Ad Connect express setup it shows me:


Active Directory UPN Suffix | Azure AD Domain | Not Added | Verified



If I continue do my users need to auth with @keyman instead of ?
I want to give the them the best experience possibile, and I decided for the hybrid solution to have same login experience.

Let me know how you would proceed.. Do I have to remove ?

Thanks for the help,


Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,063 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Abhijeet-MSFT 546 Reputation points Microsoft Employee

    Hi @Daniele W , if you check the checkbox and hit next, users will have to sign in to Azure resources using and to access onprem resources they will have to use upn@keyman If you would like to provide the users with a seamless experience, either add @keyman on azure as a verified domain or add users in the onpremise AD as

    1 person found this answer helpful.