I have an on-prem Active Directory domain called xyzcorp.com. I also have an Azure AD domain called xyzcorp.com. The two are not synchronized at the moment. What I want to be able to do is enable directory synchronization between on-prem and Azure AD. This brings me to the issue at hand.
I have a user called admin@xyzcorp.com that's present in both directories. That same user is a Global admin/Azure Owner. What will happen if I attempt to synchronize my on-prem directory over to Azure? Will I lose access to Azure AD? In general, what's the best practice for dealing with two disjointed domains? How can I combine them, making the on-prem the authoritative source?
Many thanks.