Questions in Pic's:
UPN for Multiple on-premises AD Domains sync to a single Azure AD Domain
Have project that has 3 affiliates each with OnPrem AD (single domain forest) moving to Office365 and they would like everyone to have a common Office 365 logon domain.
Have seen discussion doing this by adding commonemail.org (primary domain on AD tenet) as a UPN suffix in all three domains, then change all user accounts to the new UPN Suffix.
Currently, there is no trusts between the three on-prem domains (e.g.: aaa.affiliateA.org, bbb.affiliateB.org, ccc.affilateC.org) - so at least for now - could do with out trust issues.
BUT,
As this post discusses:
https://www.reddit.com/r/Office365/comments/9b1xq8/multiple_onpremises_ad_domains_sync_to_a_single/
Is there a "better" way to do this using alternate (on-prem) attribute to use as Azure AD username (user@commonemail.org) - None of the 3 on-prem domains have on-prem exchange so I don't believe the AD schema's have mailNickname (which I have seem mentioned a few times)
If so:
What attribute is recommended?
What is best way to update/config the on prem attribute (AD powershell?)
Other than the Dropdown in Azure ADConnect "sign-in" configuration are there other things that would need to be set in on-prem AD or Azure (specific to syncing on this "alternate attribute")?