none
Move from test tenant to prod tenant - best strategy change target of AD sync

    Question

  • I have

    - a test Azure tenant

    - one non admin Azure user localadmin@testdomain.onmicrosoft.com which "owns" a Windows 10 laptop

    - one user user@mydomain.com synced from the on prem AD, who is a user of the laptop

    No mailboxes, no data in SharePoint.

    Now I have got a permanent tenant (correct tenant name) and I want to sync the AD to the new tenant, ensure that the user of the laptop keeps the profile associated with their domain user, and possibly change the admin account for the laptop from one tenant to another (this may be a Windows 10 question, to which I think the answer is no).

    So let's start with the Azure / Office bit:

    Should I

    1. validate the domain as far as possible in the new tenant

    2. set up all the DNS and so on in the new tenant

    Pick a cutover time (how long might this take?)

    3. make new tenant authoritative for domain, finalise

    4. Remove AAD Connect from the on prem server (or is there a way to retarget it?)

    5. Reinstall AAD connect and connect to new tenant

    Hope the laptop picks up the user@mydomain.com account from the new tenant.

    Sort of thinking aloud about he strategy. Thanks for your comments and experience.


    CarolChi

    Tuesday, April 25, 2017 2:06 PM

All replies

  • 1. The domain would need to be REMOVED from your test tenant before you re-add it your Permanent Tenant. (The same domain can not be added to multiple tenants)

    2. Yes, you would need to set up the connection to your permanent tenant.

    3. When you re-add the domain to your new tenant, it is configured only to that tenant.

    4. For re-configuring the Azure AD Connect, you can look into the documentation on Running Azure AD Connect Wizard a second time.

    Thursday, April 27, 2017 7:26 AM
    Moderator
  • Thanks for the confirmation.

    Do you think the user of the laptop will notice the difference? Since the account is a domain account synced with Azure, I'm assuming the profile on the laptop will be re-used.


    CarolChi

    Thursday, April 27, 2017 12:56 PM