使用Azure AD进行Prem AD还原 [英] On Prem AD Restore using Azure AD

问题描述

因此，长话短说，我们有了一个独立的DC部门. AD已通过Azure AD Connect(带有密码哈希)与Azure同步.需要重建DC，但想知道是否有可能进行同步以将用户从 云?还是我需要核算Azure身份并冒失去邮箱的风险?

So, long story short, we had a stand-alone DC kick the bucket.  AD was synced with Azure via Azure AD Connect, complete with Password Hash.  Need to rebuild the DC, but am wondering if it's possible to do a sync to pull the users back down from the cloud?  Or do I need to nuke the Azure identities and risk losing the mailboxes?

推荐答案

否，同步是单向过程，* from *是本地部署到Azure AD.就是说，不需要推翻"图钉.任何情况下，如果没有本地AD，云对象将可以继续正常运行，至多您可能只需要重置几个密码即可.

No, sync is one-way process, *from* on-premises to Azure AD. That said, there is no need to "nuke" anything, the cloud objects will continue working just fine without on-premises AD, at most you might have to reset few passwords.

一旦重建本地AD，就可以通过Graph API或PowerShell导出用户及其属性的列表，然后使用它来填充AD并匹配".新创建的本地用户与云用户.

Once you rebuild the local AD, you can export a list of your users and their properties via the Graph API or PowerShell, then use it to populate AD and "match" the newly created on-premises users against the cloud ones.

这篇关于使用Azure AD进行Prem AD还原的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！