Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,767 questions
AADDS and SidHistory
PCookman
31
Reputation points
It appears that the SidHistory arrives in AADDS from AzureAD using the onPremiseSecurityIdentifier. attribute. The problem I have is on a particular customer that doesn't have an OnPrem AD, I want to create shares from a file server in AADDS and allow laptops connected to AzureAD access. Without the sid history from accounts created in O365 (Azure AD), I cannot grant access.
I also cannot access the onPremiseSecurityIdentifier attribute within o365 as a get around to allow the one way sync to AADDS. Any ideas?
{count} votes
-
ShashiShailaj-MSFT 7,466 Reputation points Microsoft Employee
2020-09-09T19:12:13.893+00:00 @PCookman , The objects in Azure AD domain services would already have ObjectSid attribute which are assigned to the user objects synced from Azure AD tenant to AADDS user object by the managed domain controller while creating those users in AAD domain services environment , I think you could use the same SID on the file shares to provide access . Alternatively , rather than create a file server connected to Azure AD domain services virtual network , why don't you leverage azure file shares / Azure file sync. Let usknow if you need more information or if we have not understood the requirement and you have further queries and we will continue to help you further on this.
Sign in to comment