How to copy users from O365 AD to local AD

  • Question

  • Hello,

    It is backward, but I have no choice. One of my clients used O365 without local AD. Now they decided to use local AD.

    I set up a local Forest and Domain. After that, I installed an ADFS server with a WAP server. I installed Azure AD connector and configured it to use the ADFS server.

    Looks like sync is working, but online users are not copied to local AD. How can I set it up?

    Thank you.

    Thank you. Eric.

    Tuesday, October 16, 2018 12:52 AM

Answers

  • Sync is one-way only, FROM the local AD to Azure AD. There is no way to sync back to on-premises. Best you can do is use PowerShell or the Graph API to export the users and their attributes, then import them on-premises.
    Tuesday, October 16, 2018 6:57 AM
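    The export-and-import this answer describes, written out in PowerShell as an added example (it is not the answerer's code). It assumes the MSOnline module (Connect-MsolService, Get-MsolUser) on the admin workstation, the ActiveDirectory RSAT module on a domain-joined machine, that mydomain.com has already been added as a UPN suffix of the on-prem forest, and that $csvPath and $targetOU are placeholders to replace. Only attributes can be exported; cloud passwords cannot, so each new on-prem account gets a random initial password that the user must change at first logon.

```powershell
# Added example, not code from the thread. Assumes: the MSOnline module
# (Connect-MsolService / Get-MsolUser) on the admin workstation, the
# ActiveDirectory RSAT module on a domain-joined machine, that mydomain.com is
# already a UPN suffix of the on-prem forest, and that $csvPath and $targetOU
# below are placeholders you replace with real values.

$csvPath  = 'C:\temp\cloud-users.csv'                     # placeholder
$targetOU = 'OU=Office365 Users,DC=mydomain,DC=local'     # placeholder

# ---- Step 1: export cloud users plus the attributes sync matches on ----
Connect-MsolService    # prompts for tenant admin credentials

Get-MsolUser -All |
    Where-Object { $_.UserPrincipalName -notlike '*#EXT#*' } |     # skip B2B guests
    Select-Object UserPrincipalName, DisplayName, FirstName, LastName,
        @{ Name = 'ProxyAddresses'; Expression = { $_.ProxyAddresses -join ';' } } |
    Export-Csv -Path $csvPath -NoTypeInformation -Encoding UTF8

# ---- Step 2: create on-prem accounts with the same UPN and addresses ----
Import-Module ActiveDirectory

foreach ($u in Import-Csv -Path $csvPath) {
    $upn = $u.UserPrincipalName

    # sAMAccountName: UPN prefix, stripped of illegal characters, capped at 20 chars
    $sam = ($upn.Split('@')[0] -replace '[^A-Za-z0-9._-]', '')
    if ($sam.Length -gt 20) { $sam = $sam.Substring(0, 20) }

    if (Get-ADUser -Filter "UserPrincipalName -eq '$upn'") {
        Write-Warning "Skipping $upn - an on-prem account with that UPN already exists"
        continue
    }

    # Per-account random initial password; the user must change it at first logon
    $initialPw = ConvertTo-SecureString ([guid]::NewGuid().ToString()) -AsPlainText -Force
    $name = if ($u.DisplayName) { $u.DisplayName } else { $sam }

    $params = @{
        Name                  = $name
        SamAccountName        = $sam
        UserPrincipalName     = $upn
        EmailAddress          = $upn
        Path                  = $targetOU
        AccountPassword       = $initialPw
        Enabled               = $true
        ChangePasswordAtLogon = $true
    }
    # Only pass optional attributes that are actually present in the export
    if ($u.DisplayName) { $params.DisplayName = $u.DisplayName }
    if ($u.FirstName)   { $params.GivenName   = $u.FirstName }
    if ($u.LastName)    { $params.Surname     = $u.LastName }

    # proxyAddresses is multi-valued: pass it as a string array via OtherAttributes
    $proxy = @($u.ProxyAddresses -split ';' | Where-Object { $_ })
    if ($proxy.Count -gt 0) {
        $params.OtherAttributes = @{ proxyAddresses = [string[]]$proxy }
    }

    New-ADUser @params
    Write-Host "Created $upn as $sam"
}
```

    Keeping UserPrincipalName and proxyAddresses identical on both sides is what lets Azure AD Connect match each new on-prem object to the existing cloud user (soft match) instead of creating a second account. After the first sync cycle, Get-MsolUser -All should still show one object per UPN, now with LastDirSyncTime populated; a second object with an onmicrosoft.com UPN means the match failed for that user.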

All replies

  • Please refer to this article if this helps to sync the users back to local AD.
    Tuesday, October 16, 2018 5:28 AM
  • Something is not working correctly. I added mydomain.com to local AD.

    I had a user John Smith in O365. The user's primary UPN is john.smith@mydomain.com. It also has john.smith@mydomain.onmicrosoft.com address.

    I read somewhere that I have to create the same user with the same UPN in AD. I created a user and let it sync. Now, in O365, I see two users with name John Smith. One of them is my O365 user with UPN john.smith@mydomain.com and the second was synced from AD and the UPN is john.smith@mydomain.onmicrosoft.com.

    Why did it create the second account? I thought it should sync them as one.

    Thank you.

    Thank you. Eric.

    Tuesday, October 16, 2018 1:15 PM
  • It will not sync them as one, because they have different IDs.

    Just sync them without creating new ones, and that should do it.

    Wednesday, October 17, 2018 8:06 AM
  • I have 20+ users online. I created only one user on-premises with the same UPN, but users are not synced from O365 to my local AD.

    Thank you. Eric.

    Wednesday, October 17, 2018 2:44 PM
  • I think the solution to your problem is here

    https://www.codetwo.com/admins-blog/how-to-merge-an-office-365-account-with-an-on-premises-ad-account-after-hybrid-configuration/

    Wednesday, October 17, 2018 7:31 PM
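    One way to carry out the merge the linked article is about, as an added example (not from the thread or from that article): a hard match, where the original cloud-only user is stamped with the ImmutableId that Azure AD Connect derives from the on-prem account's objectGUID, after the unwanted synced duplicate has been removed. It assumes the ActiveDirectory RSAT and MSOnline modules on one admin machine, an Azure AD Connect install that filters by OU and uses the default objectGUID-derived sourceAnchor, and that the placeholder names and OUs are replaced with real values.

```powershell
# Added example, not code from the thread or the linked article. Assumes the
# ActiveDirectory RSAT and MSOnline modules on one admin machine, an Azure AD
# Connect install that filters by OU and uses the default objectGUID-derived
# sourceAnchor, and that the placeholder values below are replaced with real ones.

Import-Module ActiveDirectory
Connect-MsolService

$onPremSam    = 'john.smith'                               # placeholder: on-prem account
$cloudUpn     = 'john.smith@mydomain.com'                  # placeholder: original cloud user to keep
$duplicateUpn = 'john.smith@mydomain.onmicrosoft.com'      # placeholder: unwanted synced copy
$unsyncedOU   = 'OU=NotSynced,DC=mydomain,DC=local'        # placeholder: OU outside sync scope
$syncedOU     = 'OU=Office365 Users,DC=mydomain,DC=local'  # placeholder: OU inside sync scope

# The ImmutableId Azure AD Connect derives for this account: objectGUID bytes as Base64
$adUser      = Get-ADUser -Identity $onPremSam -Properties objectGUID
$immutableId = [Convert]::ToBase64String($adUser.ObjectGUID.ToByteArray())
Write-Host "On-prem objectGUID $($adUser.ObjectGUID) -> ImmutableId $immutableId"

# Step 1: take the on-prem account out of sync scope so the next cycle deletes
# the synced duplicate in Azure AD (it lands in the Azure AD recycle bin).
Move-ADObject -Identity $adUser.DistinguishedName -TargetPath $unsyncedOU
Read-Host 'On the Azure AD Connect server run: Start-ADSyncSyncCycle -PolicyType Delta. Press Enter once the duplicate shows as deleted'

# Step 2: purge the duplicate; while it exists, even soft-deleted, its
# ImmutableId still collides with the value about to be assigned.
if (Get-MsolUser -UserPrincipalName $duplicateUpn -ReturnDeletedUsers -ErrorAction SilentlyContinue) {
    Remove-MsolUser -UserPrincipalName $duplicateUpn -RemoveFromRecycleBin -Force
}

# Step 3: hard match - stamp the original cloud user with the on-prem anchor.
Set-MsolUser -UserPrincipalName $cloudUpn -ImmutableId $immutableId

# Step 4: bring the account back into scope; the next cycle links it to
# $cloudUpn instead of creating another onmicrosoft.com user.
$adUser = Get-ADUser -Identity $onPremSam
Move-ADObject -Identity $adUser.DistinguishedName -TargetPath $syncedOU
Read-Host 'Run another delta sync, then press Enter to verify'

# Verify: the kept user now carries the expected anchor and a sync timestamp
Get-MsolUser -UserPrincipalName $cloudUpn |
    Select-Object UserPrincipalName, ImmutableId, LastDirSyncTime
```

    Check the output of the last command: ImmutableId must equal the Base64 value printed at the start and LastDirSyncTime must be set; if LastDirSyncTime stays empty the on-prem object was not picked up by sync, and if a fresh onmicrosoft.com account appears again the duplicate was not fully purged before the anchor was assigned.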
  • When you created the user with john.smith@mydomain.onmicrosoft.com, it is a user tied to your Azure Active Directory and, as mentioned by @Vasil L. Michev, this user cannot be synced back to local Windows AD.
    Wednesday, October 17, 2018 7:51 PM
  • Please let me know if you find the replies useful. If yes, do click on 'Mark as answer', which will help other community members facing a similar query to refer to this solution. Thanks.
    Tuesday, October 23, 2018 6:41 PM