How do I set up reverse sync with Azure AD?

N

NortherFox2019-12-24 13:28:49

Active Directory

NortherFox, 2019-12-24 13:28:49

We have: 1 domain controller within the network. The company_name.ru domain has been raised on it. 1 domain in azure ad, same name. There are users who were created in local AD, and then synchronized with the cloud, and everything is ok with them. However, before synchronization was set up, some users were created locally and in the cloud, with the same account names.
Question: how to synchronize them correctly without unnecessary hemorrhoids?
Also, for the convenience of users, I want to set up the following principle of operation: users are created in the cloud, and then synchronized to the local AD for authorization in the system.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dmitry Shumov, 2019-12-24
@dshumov

Based on the second part of the question, I would do this:
1) Downgraded the role of local AD to a member server with the transfer of all roles to cloud AD
2) I would re-elevate local AD but in RO mode
3) Well, the usual synchronization setup.
BUT, I'm not sure if step 1 is needed because. I do not know whether it is possible to transfer the current AD to RO without lowering and reraising.