Hello Eric, welcome to MS Q&A.
To move to a hybrid identity setup with on-premises Active Directory (AD) without recreating existing user accounts or losing data, you can use Microsoft Entra Connect to synchronize your on-premises identities with Microsoft Entra ID. This allows you to maintain a single user object in both environments, ensuring that users can sign in to both on-premises systems and cloud resources with the same identity.
Here are the steps to achieve this:
- Install Microsoft Entra Connect: This tool will help synchronize your existing on-premises AD users to Microsoft Entra ID. Ensure that you have the latest version installed.
- Synchronize User Accounts: Use Microsoft Entra Connect to sync your existing user accounts from on-premises AD to Microsoft Entra ID. This process does not require recreating accounts, as it will sync the existing user data.
- Maintain Data Integrity: Since you are synchronizing existing accounts, there should be no loss of data. The synchronization process will ensure that user attributes and credentials are preserved.
- Test and Validate: Before fully transitioning, it’s advisable to test the setup with a staged rollout to ensure that everything works as expected.
By following these steps, you can effectively transition to a hybrid identity setup while keeping your existing user accounts intact.
References:
- Hybrid identity with Active Directory and Microsoft Entra ID in Azure landing zones
- Four steps to a strong identity foundation with Microsoft Entra ID
Please let me know if you have any further questions.
Kindly accept the answer if it helps.
Thanks
Deepanshu