Microsoft Entra setup between AD and Entra / UPN suffix and ID Domain

Todd English 0 Reputation points
2025-02-12T20:07:43.0833333+00:00

Hello,

I am looking for a confirmation on setting up my Entra Connect Sync. In my local AD, the domain is named one thing "Generic.com" (not the domain but similar) while my 365 / Azure side is something specific to the business like "mygenericwarehouse.us". My question has to do with the UPN suffix and Entra ID domain "Matching".

Do both have to be exactly the same? Meaning do I have to own the domain for "generic.com" to sync it to the Entra ID or reverse it and have "mygenericwarehouse.us" domain as my local AD domain? This local domain is very old, I inherited it. Is there a step I'm missing? I've done this in the past at other businesses, but I don't remember the domain matching being this picky.

Any help or suggestions would be greatly appreciated.

Thank you

Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

  1. Andy David - MVP 157.8K Reputation points MVP Volunteer Moderator
    2025-02-12T20:55:41.0333333+00:00

    One option: mygenericwarehouse.us should be in the local AD domain and set as the UPN of the users. That domain will need to be added to Azure as well.

    Alternatively, make mygenericwarehouse.us the default domain in Azure and users with generic.com will get that domain suffix in their UPN since generic.com does not exist in Azure.

    https://learn.microsoft.com/en-us/microsoft-365/enterprise/prepare-a-non-routable-domain-for-directory-synchronization?view=o365-worldwide#what-if-i-only-have-a-local-on-premises-domain
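
The first option in the answer above, sketched as an added example that is not part of the original answer: it registers the alternative UPN suffix on the forest and re-suffixes the affected users, skipping any account whose new UPN is already taken. It assumes the RSAT ActiveDirectory module, the placeholder domain names from the question, and a hypothetical `$Apply` switch that defaults to a dry run.

```powershell
# Added example. Requires the ActiveDirectory module and rights to modify the
# forest and user objects. Domain names are the placeholders from the question.
Import-Module ActiveDirectory

$OldSuffix = 'generic.com'             # on-premises AD domain (placeholder)
$NewSuffix = 'mygenericwarehouse.us'   # domain that is also added in Entra ID (placeholder)
$Apply     = $false                    # hypothetical switch: $false = -WhatIf dry run

# 1. Register the alternative UPN suffix on the forest if it is not there yet.
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $NewSuffix) {
    Set-ADForest -Identity $forest -UPNSuffixes @{ Add = $NewSuffix } -WhatIf:(-not $Apply)
}

# 2. Find users whose UPN still ends in the old suffix.
#    Variables are referenced inside the single-quoted filter so the AD module
#    resolves them itself and quoting characters in a UPN cannot break the filter.
$pattern = "*@$OldSuffix"
$users   = Get-ADUser -Filter 'UserPrincipalName -like $pattern'

foreach ($user in $users) {
    # Swap only the trailing suffix; the part before '@' is left untouched.
    $newUpn = $user.UserPrincipalName -replace ('@' + [regex]::Escape($OldSuffix) + '$'), "@$NewSuffix"

    # 3. A UPN must be unique; skip and report instead of creating a duplicate
    #    that would later surface as a sync conflict.
    $clash = Get-ADUser -Filter 'UserPrincipalName -eq $newUpn'
    if ($clash) {
        Write-Warning "Skipping $($user.SamAccountName): $newUpn already belongs to $($clash.SamAccountName)"
        continue
    }

    Set-ADUser -Identity $user -UserPrincipalName $newUpn -WhatIf:(-not $Apply)
    Write-Output "$($user.UserPrincipalName) -> $newUpn"
}
```

Review the dry-run output before setting `$Apply = $true`, since the UPN is the sign-in name users will see after the change.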

