I am a bit confused right now.
I have a local AD server that was set up long ago as domain.local.
As it is a non-routable TLD, I am getting confused about what I need to do to get Azure AD Connect up and running.
On the local AD, I have added domain.com to the list of alternate UPN suffixes in Domains and Trusts.
For each user, I have changed their UPN to the domain.com UPN.
When I get to the "connect directories" step in the wizard, I enter the following:
domainaccount@keyman.com (rather than domain.local\domainaccount)
This successfully verifies the account to the domain.local AD server.
On the following screen, I have:
domain.local Not Added
domain.com Verified
Do I need to worry about the .local being "Not Added"?
All info I read says that both must be verified before continuing.
I don't plan on renaming the domain.
I plan on using the user's email address as the attribute to sync on, as the username/account name for the O365 account and local AD account do not match (note: no on-prem Exchange server).
Hi @NeverKnow-2832,
You don't need to worry about the .local domain. Only domains that you use in Azure must be verified.
Users use the UserPrincipalName attribute when they sign in to Azure AD.
Just go ahead.
Just update the user mail attribute on local AD to First.last@keyman.com; this will create the Azure AD user object First.last@keyman.com.
And don't create the user object in Azure AD manually; AADC will sync it from local AD.
Regards,
Ganesamoorthy.S
www.windowstricks.in
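The steps discussed in this thread (register the routable UPN suffix, move users off the .local UPN, and make the mail attribute match so Azure AD Connect creates matching cloud identities) as an added PowerShell example; it is not code from the thread or from Microsoft, and the domain names, OU path and the -WhatIf preview are assumptions.

```powershell
# Added example (not from the thread). Assumes the ActiveDirectory module,
# Enterprise Admin rights for the forest change, and placeholder names below.
Import-Module ActiveDirectory

$OldSuffix  = 'domain.local'                  # non-routable suffix shown as "Not Added"
$NewSuffix  = 'domain.com'                    # suffix verified in Azure AD
$SearchBase = 'OU=Staff,DC=domain,DC=local'   # placeholder OU that scopes the change

# 1. Register the alternate UPN suffix at forest level
#    (same result as adding it in AD Domains and Trusts).
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $NewSuffix) {
    Set-ADForest -Identity $forest.Name -UPNSuffixes @{Add = $NewSuffix}
}

# 2. For every user still on the old suffix, pick the target identity:
#    keep an existing mail address on the verified domain if there is one,
#    otherwise reuse the current UPN prefix. UPN and mail end up identical.
$users = Get-ADUser -Filter "UserPrincipalName -like '*@$OldSuffix'" `
                    -SearchBase $SearchBase -Properties mail

$skipped = @()
foreach ($u in $users) {
    if ($u.mail -and $u.mail.ToLower().EndsWith("@$NewSuffix")) {
        $newUpn = $u.mail
    } else {
        $newUpn = '{0}@{1}' -f ($u.UserPrincipalName -split '@')[0], $NewSuffix
    }
    # UPNs must be unique in the forest; refuse to collide with another object.
    if (Get-ADUser -Filter "UserPrincipalName -eq '$newUpn'") {
        $skipped += $u.SamAccountName
        Write-Warning "Skipping $($u.SamAccountName): $newUpn already in use"
        continue
    }
    # -WhatIf previews the change; remove it to apply.
    Set-ADUser -Identity $u -UserPrincipalName $newUpn -EmailAddress $newUpn -WhatIf
}

# 3. Before running the AADC wizard, confirm nothing is left on the .local suffix
#    and review anything that was skipped for a UPN collision.
Get-ADUser -Filter "UserPrincipalName -like '*@$OldSuffix'" -SearchBase $SearchBase |
    Select-Object SamAccountName, UserPrincipalName
if ($skipped) { Write-Warning ("Unresolved collisions: " + ($skipped -join ', ')) }
```

Run it once with -WhatIf to review the planned changes, then remove -WhatIf; any account reported as a collision must be fixed by hand before Azure AD Connect syncs it.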