Share via

Is it possible to connect the Active Directory with existing users and Office 365 with existing users also using AD Connect

Raymond Supilanas 66 Reputation points
2021-01-05T07:28:13.353+00:00

Hi,

Good Day!

May I ask if possible to sync Active Directory On-Premise with existing users to Office 365 with existing users also? If yes, can I have the documentation or link for the procedure to do this.

Thanks,
Raymond

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments
Accepted answer
  1. mirba-msft 651 Reputation points Microsoft Employee Moderator
    2021-01-05T10:26:17.107+00:00

    Hello anonymous user

    Thank you for reaching out to us.

    In regards to your concern if the users in on-premises have the same UPN and Primary SMTP address of the Azure AD Users then it will soft match and join those objects if they are different objects with the same proxy addresses then you will have a duplicate attribute error. in order to know more please follow this Article 1.

    Article 2

    Article 3

    Sync with existing users in Azure AD
    When you install Azure AD Connect and you start synchronizing, the Azure AD sync service (in Azure AD) does a check on every new object and tries to find an existing object to match. There are three attributes used for this process: userPrincipalName, proxyAddresses, and sourceAnchor/immutableID. A match on userPrincipalName and proxyAddresses is known as a soft match. A match on sourceAnchor is known as hard match. For the proxyAddresses attribute only the value with SMTP:, that is the primary email address, is used for the evaluation.

    The match is only evaluated for new objects coming from Connect. If you change an existing object so it is matching any of these attributes, then you see an error instead.

    If Azure AD finds an object where the attribute values are the same for an object coming from Connect and that it is already present in Azure AD, then the object in Azure AD is taken over by Connect. The previously cloud-managed object is flagged as on-premises managed. All attributes in Azure AD with a value in on-premises AD are overwritten with the on-premises value.

    In case you have any questions on the same, you can surely let us know and we will be happy to help you further. If this post provides you the answer you were looking for, do accept it as an answer in the interest of community members with similar queries. If this does not answer, please ask further in the comments and we will happy to address your concerns. Thank you.

    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 119.5K Reputation points MVP Volunteer Moderator
    2021-01-05T07:49:56.27+00:00
  2. Raymond Supilanas 66 Reputation points
    2021-01-18T05:57:41.907+00:00

    Hi Michev and Mirba,

    Good Day!

    I have successfully sync my existing users in Active Directory to Office 365 users using the SMTP matching.

    Do you have any idea what is other solutions in duplicate error besides in deleting the AD account?

    Thanks,
    Raymond

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.