Background: Local/On-Premise Active Directory (2012) synced to Microsoft Azure Active Directory using Azure AD Connect. Was setup for Office 365 to use existing On-Premise identity. Office 365 Enterprise E3 is the O365 Business Plan we have, which includes Microsoft Azure AD as a IDaaS platform. Microsoft Azure AD was not setup to be a management console for the O365 tenant, it has since been connected and now to manage the identity, the O365 console can obviously still manage the identity as well. Right now we have a local domain controller which vast majority of computers authenticate with. If a computer (Windows 10) is removed from the domain and performs a "Join Azure AD" they can then login with their O365 credentials and no longer authenticates with local domain controller. Once this process is performed on users no one will authenticate with the local DC. The AD/DC is still being synced with AAD/O365 for identity but it cannot be fully managed from AAD/O365 there are limitations such as contact information and username cannot be changed from the web consoles, they have to changed from the local/On-Premise AD Users and Computers. If one of the synced users/groups is viewed from the web consoles some of the attributes are greyed out and state, "This user is synchronized with your local Active Directory. Some details can be edited only through your local Active Directory." as it should.
Question: I would like to know if it is possible to convert a locally synced user account to become Microsoft Azure Active Directory user Account? Meaning it would no longer sync to the local AD and could be deleted from the local AD is now fully managed from web consoles. Food for thought, if the sync was broken between the local AD and AAD/O365 would the identity still be seen as a local active directory identity? As shown below, this image is from the users section of the Azure portal for AAD.
