![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 37%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Hi @robcool • Thank you for reaching out.
If you are synchronizing identities from the Local AD forest to the Non-prod Azure AD tenant, you can sync those identities to the Prod tenant using AD Connect. As Azure AD Connect supports Multiple forests, single Azure AD tenant scenario, you will get the Non-prod users synced to the prod tenant but they will be synced with @ProdTenant.onmicrosoft.com UPN suffix. At this point, you will have all users in the prod tenant and the Non-prod tenant will also have the existing synced users that can be used to access to workloads in that tenant.
During the final cutover, you will have to remove/update all the entities that are using the custom domain in the non-prod tenant so that the custom domain can be removed from the non-prod tenant and added to the prod tenant. Once the custom domain is moved, all you need to do is to flip the UPN suffix of the non-prod users in the prod tenant from @ProdTenant.onmicrosoft.com to @CustomDomain.com using the Set-MsolUserPrincipalName cmdlet.
If you are using cloud-only users and not synced users, you will have to provision the users in bulk to the prod tenant by either using PowerShell Script or Graph batching. Below is the PowerShell Script for your reference:
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.