Azure AD users vs Azure users

Question

Hi,
Is there a difference between Azure users and Azure AD users? (the list of users, their metadata, etc..)

Answer 1

Hi @John Dawson ,

There is no difference between the two. Azure users exist in Azure AD and have the same attributes.

There is, however, a difference between Hybrid Azure AD users that exist both on-premises and in the cloud, and Azure AD cloud-only users. For hybrid Azure AD users, the attributes will be updated on-premises and sync to the cloud (with the exception of a few attributes such as password writeback, if it's enabled), and for cloud-only users the attributes will only be updated in the cloud.

The source for the users will also be different. In Azure AD, there are three sources for accounts:

Azure AD
Accounts that have been created in the tenant by a tenant admin are designated with "Azure AD" as source.

Azure AD (self service)
Accounts that have been created using a self-service process in B2B and have been invited to the tenant.

Active Directory / Windows Server AD
Accounts that have Active Directory / Windows Server AD as their source are accounts that have been synchronized from the on-premises Active Directory Domain Services environment.

In the portal you can check the Directory synced, Creation type, and Identity issuer columns to get more information about the user source.

There is also a difference between on-prem (only) Active Directory users and Azure Active Directory users, since there are some attributes that cannot sync from on-premises to Azure and there are a few limitations with the service. All of these limitations and attributes are documented in Attributes Synchronized to Azure Active Directory.

Let me know if this answers your question or if I missed anything!

-

If the information provided was helpful to you, please remember to "mark as answer" so that others in the community with similar questions can more easily find a solution.

Answer 2

Hi @John Dawson ,

There is no difference between the two. Azure users exist in Azure AD and have the same attributes.

There is, however, a difference between Hybrid Azure AD users that exist both on-premises and in the cloud, and Azure AD cloud-only users. For hybrid Azure AD users, the attributes will be updated on-premises and sync to the cloud (with the exception of a few attributes such as password writeback, if it's enabled), and for cloud-only users the attributes will only be updated in the cloud.

The source for the users will also be different. In Azure AD, there are three sources for accounts:

Azure AD
Accounts that have been created in the tenant by a tenant admin are designated with "Azure AD" as source.

Azure AD (self service)
Accounts that have been created using a self-service process in B2B and have been invited to the tenant.

Active Directory / Windows Server AD
Accounts that have Active Directory / Windows Server AD as their source are accounts that have been synchronized from the on-premises Active Directory Domain Services environment.

In the portal you can check the Directory synced, Creation type, and Identity issuer columns to get more information about the user source.

There is also a difference between on-prem (only) Active Directory users and Azure Active Directory users, since there are some attributes that cannot sync from on-premises to Azure and there are a few limitations with the service. All of these limitations and attributes are documented in Attributes Synchronized to Azure Active Directory.

Let me know if this answers your question or if I missed anything!

-

If the information provided was helpful to you, please remember to "mark as answer" so that others in the community with similar questions can more easily find a solution.