Hi,
we are running our MS Azure environment in an hybrid mode, meaning that our on-prem MS AD account GUID should be linked with the MS Azure AD Account ImmutableID attribute.
We are right now discussing if we should further use AD Connect to synchronize on-prem AD accounts to the Azure domain or should we use IAM functionality to generate the AAD account. In the second case it would be easier for us (no process has to wait an look till the AAD accounts was generated), we could turn off AD connect but we have to set the ImmutableID attribute right.
Has anybody solved this kind of issue ? any recommendations / feedback / lessons learned ?
Thank you
CU all
Wolfgang
