Hello @Deni Beslic ,
Thanks for reaching out.
When you synchronize your on-premises directory with Azure AD, you have to have a verified domain in Azure Active Directory (Azure AD). Only the User Principal Names (UPNs) that are associated with the on-premises Active Directory Domain Services (AD DS) domain are synchronized. However, any UPN that contains a non-routable domain, such as ".local" (example: billa@Company portal .local), will be synchronized to an .onmicrosoft.com domain (example: billa@Company portal .onmicrosoft.com).
If you currently use a ".local" domain for your user accounts in AD DS, it's recommended that you change them to use a verified domain, such as billa@Company portal .com, in order to properly synchronize with your Azure AD verified domain.
Alternatively, you could set your verified domain as Primary in Azure AD, for example, contoso.com. Every user that has the domain contoso.local is then updated to contoso.com while synchronizing to Azure AD. This is a very involved process, and this setting won't influence the existing accounts which were synchronized to Azure AD in the past. However, an easier solution is described in the following section.
In the Azure AD Domains section, you can verify the current PRIMARY DOMAIN.
Additionally, if there is a second on-premises custom domain, for example fabrikam.com, which is routable on-prem, and the same domain is added and verified in Azure AD, then users will just sync by default since the UPN suffixes are the same.
For more information: https://learn.microsoft.com/en-us/microsoft-365/enterprise/prepare-a-non-routable-domain-for-directory-synchronization?view=o365-worldwide
------------------------------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
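The suffix behaviour described in the answer above can be previewed before a sync. This is an added example, not part of the original answer or Microsoft's tooling: `Get-UpnSyncPreview` is a hypothetical helper, and the verified-domain list, the `contoso.onmicrosoft.com` tenant domain and the sample accounts are constructed values.

```powershell
# Constructed values: replace with the domains verified in your tenant.
$VerifiedDomains = @('contoso.com', 'fabrikam.com')   # assumed verified in Azure AD
$InitialDomain   = 'contoso.onmicrosoft.com'          # assumed tenant .onmicrosoft.com domain

# Hypothetical helper: classifies each UPN by whether its suffix is verified,
# following the rule stated in the answer (unverified suffix -> .onmicrosoft.com).
function Get-UpnSyncPreview {
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipelineByPropertyName)]
        [string]$UserPrincipalName = '',
        [Parameter(Mandatory)][string[]]$VerifiedDomains,
        [Parameter(Mandatory)][string]$InitialDomain
    )
    process {
        $at = $UserPrincipalName.LastIndexOf('@')
        # No '@', empty prefix, or empty suffix: nothing sensible to map.
        if ($at -lt 1 -or $at -eq $UserPrincipalName.Length - 1) {
            [pscustomobject]@{ OnPremUpn = $UserPrincipalName; CloudUpn = $null; Status = 'InvalidUpn' }
            return
        }
        $prefix = $UserPrincipalName.Substring(0, $at)
        $suffix = $UserPrincipalName.Substring($at + 1)
        if ($VerifiedDomains -contains $suffix) {      # -contains compares case-insensitively
            $cloud  = $UserPrincipalName
            $status = 'SuffixVerified'
        } else {
            $cloud  = '{0}@{1}' -f $prefix, $InitialDomain
            $status = 'FallsBackToOnMicrosoft'
        }
        [pscustomobject]@{ OnPremUpn = $UserPrincipalName; CloudUpn = $cloud; Status = $status }
    }
}

# Constructed sample accounts. On a domain-joined host, pipe in
#   Get-ADUser -Filter * -Properties UserPrincipalName
# (ActiveDirectory module) instead of $sample.
$sample = @(
    [pscustomobject]@{ UserPrincipalName = 'billa@contoso.local' }
    [pscustomobject]@{ UserPrincipalName = 'annb@contoso.com' }
    [pscustomobject]@{ UserPrincipalName = 'carlc@fabrikam.com' }
    [pscustomobject]@{ UserPrincipalName = 'svc-backup' }
)

$sample |
    Get-UpnSyncPreview -VerifiedDomains $VerifiedDomains -InitialDomain $InitialDomain |
    Format-Table -AutoSize
```

Accounts reported as `FallsBackToOnMicrosoft` are the ones whose sign-in name in the cloud would differ from the on-premises UPN, so they are the candidates for a UPN suffix change before synchronizing.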