PCookman asked shashishailaj commented

AADDS and SidHistory

It appears that the SidHistory arrives in AADDS from AzureAD using the onPremiseSecurityIdentifier attribute. The problem I have is with a particular customer that doesn't have an OnPrem AD: I want to create shares from a file server in AADDS and allow laptops connected to AzureAD access. Without the SID history from accounts created in O365 (Azure AD), I cannot grant access.

I also cannot access the onPremiseSecurityIdentifier attribute within O365 as a get around to allow the one way sync to AADDS. Any ideas?

azure-active-directory azure-ad-domain-services

@PCookman, the objects in Azure AD Domain Services would already have the ObjectSid attribute, which is assigned to the user objects synced from the Azure AD tenant to AADDS by the managed domain controller while creating those users in the AAD Domain Services environment. I think you could use the same SID on the file shares to provide access. Alternatively, rather than creating a file server connected to the Azure AD Domain Services virtual network, why don't you leverage Azure file shares / Azure File Sync? Let us know if you need more information, or if we have not understood the requirement and you have further queries, and we will continue to help you further on this.



0 Answers