0
votes

I want to confirm a use case for Azure Active Directory Domain Services (AADDS). The goals are to A) populate on-prem Active Directory users into Azure Active Directory (AAD), B) not have to manage Active Directory servers directly in Azure, and C) not maintain Active Directory servers on-premises eventually.

Are there any problems that would occur by doing the following:

  1. Have AAD Connect set up for my AAD tenant
  2. Create an AADDS instance
  3. After it syncs, remove AAD Connect

With the steps above, would there be any adverse effects to doing so? Could users be added and managed after doing those steps via AAD and AADDS?

1 Answer

1
votes

With Azure AD Connect, you are basically syncing the users from on-premises to Azure AD. If you have 50 users in an OU and you sync it via Azure AD Connect, then all those users will be in Azure Active Directory.

After some time, if you decide not to include that same OU in the Azure AD Connect sync cycle, then when the synchronization happens all the users will be removed from Azure AD. What happens is that if you either disable sync or uninstall Azure AD Connect after syncing all the users to the cloud, then the status of the users synced to the cloud will change to "cloud only". Kindly go through this link for what will happen if you disconnect sync or remove Azure AD Connect.

There is no straightforward migration of users from on-premises AD to Azure AD. For more detailed information on a similar kind of setup, kindly check this link.