
On-prem AD: shortname.local, Windows 2012 & 2019 DC

On-prem Exchange: fullname.com

fullname.com is verified on Azure AD

Trying to install AzureADSync on Win2019 DC. Added fullname.com as a UPN suffix in AD Domains and Trusts, and changed the UPN suffix for all users to @fullname.com. Now, I'm stuck at the "Connect your directories" phase of the ADConnect install. After adding shortname.local, at the Azure AD Sign-in screen, it shows

shortname.local Not Added

Longname.com Verified (see screenshot)

And the warning that users will not be able to sign in to Azure AD w/ on-prem credentials, which is the ultimate goal, as well as setting everything up correctly for future migration of on-prem Exchange and Office to the cloud.

Is changing the on-prem domain name to fullname.com the only solution or is there another easier option? Please advise, thanks in advance.

Roget Luo

1 Answer

This is perfectly normal. What this means is that .local is not, and cannot be, a verified domain in Azure AD. So long as your on-premises user accounts are using the fullname.com UPN suffix you won't have any problem. If any user account is using the .local UPN suffix then they'll be synced to Azure AD with a .onmicrosoft.com UPN suffix, so make sure you've set the fullname.com UPN suffix on all of your user accounts before syncing them with Azure AD Connect.

Even if you do wind up with a user account in Azure AD with the .onmicrosoft.com UPN suffix, that can be fixed.

joeqwerty
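
One way to run the pre-sync check the answer describes, as an added example that is not part of the original question or answer: it audits which UPN suffixes enabled accounts actually carry and previews the correction for any that are not on the verified suffix. It assumes the ActiveDirectory PowerShell module (RSAT) and uses the thread's placeholder `fullname.com`; the variable names are illustrative.

```powershell
# Added example. Requires the ActiveDirectory module on a domain-joined host.
Import-Module ActiveDirectory

# Assumption: placeholder domain from the question, verified in Azure AD.
$VerifiedSuffix = 'fullname.com'

# The suffix must be registered in the forest before it can be assigned.
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $VerifiedSuffix) {
    Write-Warning "$VerifiedSuffix is not an alternative UPN suffix in forest $($forest.Name)."
}

# Collect enabled users and split each UPN into prefix and suffix.
$users = Get-ADUser -Filter 'Enabled -eq $true' -Properties UserPrincipalName |
    ForEach-Object {
        $upn = $_.UserPrincipalName
        [pscustomobject]@{
            SamAccountName    = $_.SamAccountName
            DistinguishedName = $_.DistinguishedName
            UserPrincipalName = $upn
            # Accounts with no UPN fall back to sAMAccountName as the prefix.
            Prefix            = if ($upn) { ($upn -split '@')[0] } else { $_.SamAccountName }
            Suffix            = if ($upn) { ($upn -split '@')[-1].ToLower() } else { '(none)' }
        }
    }

# Summary: how many accounts use each suffix.
$users | Group-Object Suffix | Sort-Object Count -Descending |
    Format-Table Name, Count -AutoSize

# Accounts that would sync with an .onmicrosoft.com UPN instead of the verified one.
$mismatched = $users | Where-Object { $_.Suffix -ne $VerifiedSuffix.ToLower() }
$mismatched | Format-Table SamAccountName, UserPrincipalName -AutoSize

# Preview the correction only; remove -WhatIf to apply it.
foreach ($u in $mismatched) {
    $newUpn = '{0}@{1}' -f $u.Prefix, $VerifiedSuffix
    Set-ADUser -Identity $u.DistinguishedName -UserPrincipalName $newUpn -WhatIf
}
```

Review the mismatched list before applying the change, since built-in and service accounts may appear in it.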