Converting Cloud-Only Entra ID Users to Hybrid — Is It Possible?

Eric Chin 0 Reputation points
2024-12-17T10:51:43.24+00:00

Hi everyone,

I currently have all of my users created directly in Entra ID with no on-premises Active Directory. Now I’d like to introduce a new on-prem AD and move to a hybrid identity setup without recreating existing user accounts or losing any data. Is this possible, and if so, could you please outline the general steps or point me to the relevant official guidance?

Thank you!

Microsoft Security | Microsoft Entra | Microsoft Entra ID

2 answers

  1. Deepanshu katara 16,790 Reputation points MVP Moderator
    2024-12-17T11:34:56.0933333+00:00

    Hello Eric, Welcome to MS Q&A

    To move to a hybrid identity setup with on-premises Active Directory (AD) without recreating existing user accounts or losing data, you can use Microsoft Entra Connect to synchronize your on-premises identities with Microsoft Entra ID. This allows you to maintain a single user object in both environments, ensuring that users can sign in to both on-premises systems and cloud resources with the same identity.

    Here are the steps to achieve this:

    1. Install Microsoft Entra Connect: This tool will help synchronize your existing on-premises AD users to Microsoft Entra ID. Ensure that you have the latest version installed.
    2. Synchronize User Accounts: Use Microsoft Entra Connect to sync your existing user accounts from on-premises AD to Microsoft Entra ID. This process does not require recreating accounts, as it will sync the existing user data.
    3. Maintain Data Integrity: Since you are synchronizing existing accounts, there should be no loss of data. The synchronization process will ensure that user attributes and credentials are preserved.
    4. Test and Validate: Before fully transitioning, it’s advisable to test the setup with a staged rollout to ensure that everything works as expected.

    By following these steps, you can effectively transition to a hybrid identity setup while keeping your existing user accounts intact.

    Please let me know if you have any further questions

    Kindly accept answer if it helps

    Thanks

    Deepanshu


  2. Akhilesh Vallamkonda 15,320 Reputation points Microsoft External Staff Moderator
    2024-12-18T08:19:41.1733333+00:00

    Hi @Eric Chin

    Thank you for asking this question on the Microsoft Q&A Platform.
    On-premises Active Directory and Microsoft Entra ID are two different directories. You can sync the on-premises directory users, groups and devices to the Entra ID directory with the tool called Microsoft Entra Connect, so that on-prem users are synced to the cloud and can utilize the cloud resources.
    But you cannot sync the Entra ID cloud users to the on-premises directory, because Microsoft Entra Connect does not support user writeback; this feature was removed in the August 2015 update to Microsoft Entra Connect.
    Hope this helps. Do let us know if you have any further queries by responding in the comments section.

    Thanks,

    Akhilesh.


    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
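
A pre-sync check for the scenario in both answers, added here as an example and not code from either answerer or from Microsoft. Because there is no user writeback, the on-prem accounts are created in AD first; Entra Connect can then join each one to an existing cloud-only user whose primary SMTP address or userPrincipalName matches (soft match, which the answers do not spell out). The function name `Get-SoftMatchPlan`, the CSV columns and all sample accounts are constructed for illustration.

```powershell
# Constructed sample exports (not real data); stand-ins for an Entra ID user
# export and an on-premises AD user export.
$cloudUsers = @'
UserPrincipalName,Mail
alice@contoso.example,alice@contoso.example
bob@contoso.example,bob@contoso.example
carol@contoso.example,carol@contoso.example
erin@contoso.example,
'@ | ConvertFrom-Csv
$adUsers = @'
SamAccountName,UserPrincipalName,PrimarySmtp
alice,alice@contoso.example,alice@contoso.example
bob,bob@corp.example,bob@contoso.example
carol,carol@contoso.example,
dave,dave@contoso.example,carol@contoso.example
'@ | ConvertFrom-Csv

# Hypothetical helper: predicts which AD account each cloud-only user would join.
function Get-SoftMatchPlan {
    param([object[]]$CloudUsers, [object[]]$AdUsers)
    $byUpn = @{}; $bySmtp = @{}   # PowerShell hashtable keys are case-insensitive
    foreach ($a in $AdUsers) {
        if ($a.UserPrincipalName) { $byUpn[$a.UserPrincipalName] = $a }
        if ($a.PrimarySmtp)       { $bySmtp[$a.PrimarySmtp] = $a }
    }
    foreach ($c in $CloudUsers) {
        $smtpHit = if ($c.Mail) { $bySmtp[$c.Mail] }
        $upnHit  = $byUpn[$c.UserPrincipalName]
        $status  = 'NoMatch'      # stays cloud-only after the first sync
        if ($smtpHit -and $upnHit -and $smtpHit.SamAccountName -ne $upnHit.SamAccountName) {
            $status = 'Conflict'  # two AD accounts claim the same cloud user
        }
        elseif ($smtpHit) { $status = 'Match:PrimarySmtp' }
        elseif ($upnHit)  { $status = 'Match:UPN' }
        [pscustomobject]@{
            CloudUser = $c.UserPrincipalName
            AdAccount = (@($smtpHit, $upnHit) | Where-Object { $_ } |
                         ForEach-Object SamAccountName | Select-Object -Unique) -join ','
            Status    = $status
        }
    }
}

Get-SoftMatchPlan -CloudUsers $cloudUsers -AdUsers $adUsers | Format-Table -AutoSize
```

Rows reported as `Conflict` or `NoMatch` are the ones to resolve in AD before the first sync cycle, so that no cloud account is joined to the wrong on-prem identity or left unmanaged.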

