Merge local domain with existing office 365 domain

jan.fs 1 Reputation point

Hello everyone,

The goal is merging two domains into one domain to enable sso for office365 and authentification for all clients no matter if they are in the internal network or anywhere else.

Current State:

  1. Domain: comp.local
    This 2016-domain and DNS is hosted by a DC in our local network running in a VM responsible for our SMB-shares, client-authentification, printserver, dns etc.
  2. Domain:
    This domain was created on its own through Office365. This domain is just for our Exchange (Office365) Server hosted by microsoft. Every employee has an email account like .com

I don't really know where to start and what the perfect result should look like.

I think in the end there should be one main domain like running on our dc synced with the office365 cloud to enable single sign on.

Thank you for your help!

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,299 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. James Hamil 21,386 Reputation points Microsoft Employee

    Hi @jan.fs , This documentation goes into a lot of detail on how you can accomplish this. If you look this over and have any questions I would be happy to answer them!


    1 person found this answer helpful.
    0 comments No comments

  2. Boubacar Diallo 456 Reputation points

    Hi @jan.fs .

    If I really understood your question here: you have one DC under a ".local" domain and you would like to use your O365 custom domain "" to setup SSO and let your users authenticate with your custom domain. if that's the case.

    Then you will first need to add your O365 custom domain "" as a UPN Suffix in AD.

    To do that: go to your DC > Server manager > Tools > Active Directory Domain and Trusts > right click and then go to properties. Then you will be able to add your "" domain as a UPN suffix.

    Once you apply it, then you will be able to create all your users in AD with that domain "".

    Next, you will then need to download AAD-Connect and configure it to sync with your O365 environment.

    0 comments No comments

  3. Thameur-BOURBITA 32,496 Reputation points



    For your information , merge your domains to ensure the SSO is not required because Azure Ad connect support the synchronization of many forest to get more details take a look on the following links:



    please don't forget to mark this reply as answer if it help to fix your issue

    0 comments No comments