locked
Azure AD Tenant Migration RRS feed

  • Question

  • Hello Experts

    Assuming I have an internal AD with abc.com which is already been synced with Azure AD also with abc.com.

    Now, if the internal domain will change to abd.com and also the Azure AD domain will change to abd.com...what is the best way to approach this type of migration?

    Thursday, May 30, 2019 2:11 PM

Answers

  • As per your description I understand that you already have a azure AD tenant which i am assuming would be somewhat like <abc>.onmicrosoft.com where you have a custom domain abc.com verified, and the on-prem AD domain also is named as abc.com . 

    -- In order to change the domain on-premise e. either you would go through a domain rename which is a tedious process or you you are completely migrating all the users from one domain abc.com -->> abd.com .
    -- Temporarily disable the Azure AD sync by using cmdlet Set-ADSyncScheduler -SyncCycleEnabled $false to be on a safer side. Plan this on a weekend. 
    -- If you are just trying to change the UPN of the users then you would first need to add the domain abd.com as a new domain suffix using AD domains snap-in console. 
    -- Once done you would use some script to modify the userprinciplename of the users on-premise. from user@abc.com to user@abd.com . 
    -- If this is a company consolidation/merger then the users email address may change as well.
    -- You would need to add the new UPN suffix to the proxyaddresses attribute of the all the users on-premise. 
    -- Use a script and make the user@abd.com as a primary SMTP address in the multi valued attribute proxyaddresses . Make sure that user@abc.com smtp address also stays there so as to not change anything for the users. 
    -- Enable the sync scheduler in Azure AD connect and run a full sync using Start-ADSyncSyncCycle -PolicyType Initial

    Hope this helps. However , in your scenario , I would rather suggest to engage a Office365/azure AD consultant for better advice who you can provide your infrastructure details and they can suggest you a comprehensive plan. 

    Thank you. 


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!!

    Thursday, May 30, 2019 4:25 PM
    Owner

All replies

  • A full run of Azure AD Connect?

    -Saman

    Thursday, May 30, 2019 3:35 PM
  • As per your description I understand that you already have a azure AD tenant which i am assuming would be somewhat like <abc>.onmicrosoft.com where you have a custom domain abc.com verified, and the on-prem AD domain also is named as abc.com . 

    -- In order to change the domain on-premise e. either you would go through a domain rename which is a tedious process or you you are completely migrating all the users from one domain abc.com -->> abd.com .
    -- Temporarily disable the Azure AD sync by using cmdlet Set-ADSyncScheduler -SyncCycleEnabled $false to be on a safer side. Plan this on a weekend. 
    -- If you are just trying to change the UPN of the users then you would first need to add the domain abd.com as a new domain suffix using AD domains snap-in console. 
    -- Once done you would use some script to modify the userprinciplename of the users on-premise. from user@abc.com to user@abd.com . 
    -- If this is a company consolidation/merger then the users email address may change as well.
    -- You would need to add the new UPN suffix to the proxyaddresses attribute of the all the users on-premise. 
    -- Use a script and make the user@abd.com as a primary SMTP address in the multi valued attribute proxyaddresses . Make sure that user@abc.com smtp address also stays there so as to not change anything for the users. 
    -- Enable the sync scheduler in Azure AD connect and run a full sync using Start-ADSyncSyncCycle -PolicyType Initial

    Hope this helps. However , in your scenario , I would rather suggest to engage a Office365/azure AD consultant for better advice who you can provide your infrastructure details and they can suggest you a comprehensive plan. 

    Thank you. 


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!!

    Thursday, May 30, 2019 4:25 PM
    Owner
  • Thanks Shashi...this really helps
    Thursday, May 30, 2019 4:50 PM