Synchronize Azure AD accounts with a local on-premises AD DC: Suppose you only have Azure Active Directory and no on-premises AD domain, all of your users work in Office 365 with accounts that exist only in Azure AD, and you now plan to deploy a new on-premises Active Directory domain/forest. Can you deploy the on-premises AD, connect it to Office 365/Azure AD, and keep using all of the existing accounts?
Azure AD Connect is normally used to synchronize local domain users to Azure AD. Can AADC synchronize in the other direction, from Azure AD to on-premises?
No. Azure AD Connect does not help in this scenario: it does not create user objects on-premises, and it cannot set an on-premises password to match the one held in Azure AD. Password writeback only replays password changes for users that already exist on-premises and are already being synchronized, so it offers nothing for cloud-only accounts.
If what you actually need is Kerberos or NTLM authentication for applications and the ability to join Azure virtual machines to a managed domain, consider Azure AD Domain Services instead; it is populated from Azure AD and does not require an on-premises domain at all.
Otherwise, build the new on-premises AD domain so that its UPN suffix matches a domain you have verified in your Azure AD tenant, export the Azure AD users, and create the same users on-premises with a script, giving each on-premises user the same UPN (or mail/proxyAddresses value) as its Azure AD counterpart.
Then use Azure AD Connect to synchronize the local domain users to Azure AD. Because the UPN or primary SMTP address matches, Azure AD Connect soft-matches each on-premises user to the existing cloud object instead of creating a duplicate, and the cloud object becomes a synchronized one that keeps its licences, mailbox and group memberships. Once password hash synchronization runs, the on-premises password replaces the cloud password, so tell users to sign in to Office 365 with their new AD account password from that point on. Check for duplicate UPNs or proxy addresses before the first sync; an object that fails to match is created as a second user in Azure AD and has to be cleaned up by hand.
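The procedure above (export the cloud users, mirror them on-premises with matching UPNs, then verify the soft match after the first Azure AD Connect sync) as a PowerShell script. This is an added example, not code from the original article; it assumes the AzureAD and ActiveDirectory modules are available (Connect-AzureAD already run on a domain controller of the new forest), and the verified domain name contoso.com, the forest name corp.contoso.local, the target OU and the CSV path are all placeholders you would replace.

```powershell
# Added example (not from the original article). Placeholders/assumptions:
#   $CloudDomain - the domain verified in the Azure AD tenant
#   $TargetOU    - OU in the new on-premises forest that receives the users
#   $Export      - scratch CSV path
$CloudDomain = 'contoso.com'
$TargetOU    = 'OU=Synced Users,DC=corp,DC=contoso,DC=local'
$Export      = 'C:\Temp\azuread-users.csv'

# 1. The on-premises forest must accept the tenant's UPN suffix, otherwise
#    New-ADUser cannot give the accounts a UPN that matches Azure AD.
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $CloudDomain) {
    Set-ADForest -Identity $forest.Name -UPNSuffixes @{ Add = $CloudDomain }
}

# 2. Export the cloud-only member users (guests and already-synced users skipped).
Get-AzureADUser -All $true |
    Where-Object { $_.UserType -eq 'Member' -and -not $_.DirSyncEnabled } |
    Select-Object UserPrincipalName, DisplayName, GivenName, Surname, Mail |
    Export-Csv -Path $Export -NoTypeInformation

# 3. Stop if two cloud users share a UPN: a collision breaks soft-matching
#    and leaves a duplicate object in Azure AD after the first sync.
$users = Import-Csv $Export
$dupes = $users | Group-Object UserPrincipalName | Where-Object Count -gt 1
if ($dupes) { throw "Duplicate UPNs in export: $($dupes.Name -join ', ')" }

# 4. Create each user on-premises with the SAME UPN and mail attribute so that
#    Azure AD Connect matches it to the existing cloud object.
foreach ($u in $users) {
    if ($u.UserPrincipalName -notlike "*@$CloudDomain") { continue }   # other suffixes cannot match
    if (Get-ADUser -Filter "UserPrincipalName -eq '$($u.UserPrincipalName)'") { continue }  # idempotent re-run

    $sam = $u.UserPrincipalName.Split('@')[0]
    if ($sam.Length -gt 20) { $sam = $sam.Substring(0, 20) }             # sAMAccountName length limit

    # Random initial password; the user must change it at first logon, and the
    # password they choose is what password hash sync later pushes to Azure AD.
    $bytes = New-Object byte[] 24
    [System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($bytes)
    $tempPwd = ConvertTo-SecureString ([Convert]::ToBase64String($bytes)) -AsPlainText -Force

    # Splat so that empty CSV fields (no GivenName/Surname in the cloud) are not passed.
    $params = @{
        Name                  = if ($u.DisplayName) { $u.DisplayName } else { $sam }
        SamAccountName        = $sam
        UserPrincipalName     = $u.UserPrincipalName
        Path                  = $TargetOU
        AccountPassword       = $tempPwd
        ChangePasswordAtLogon = $true
        Enabled               = $true
    }
    if ($u.GivenName) { $params.GivenName    = $u.GivenName }
    if ($u.Surname)   { $params.Surname      = $u.Surname }
    if ($u.Mail)      { $params.EmailAddress = $u.Mail }
    New-ADUser @params
}

# 5. After Azure AD Connect has been installed and completed a sync cycle, every
#    user should now report DirSyncEnabled = True with an ImmutableId; any row
#    still showing False was not matched and will have a duplicate cloud object.
Get-AzureADUser -All $true |
    Where-Object { $_.UserPrincipalName -like "*@$CloudDomain" } |
    Select-Object UserPrincipalName, DirSyncEnabled, ImmutableId |
    Format-Table -AutoSize
```

Run steps 1 to 4 before installing Azure AD Connect and step 5 after its first sync. If a user is not matched by UPN or mail (for example because the cloud UPN had to differ), you can force a hard match by writing the base64 of the on-premises objectGUID into the cloud object with `Set-AzureADUser -ObjectId <id> -ImmutableId ([Convert]::ToBase64String((Get-ADUser <sam>).ObjectGUID.ToByteArray()))` before the next sync cycle.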