We currently have two verified domains in our tenant. One is the primary UPN suffix in our onsite Active Directory and is already synchronised with AAD Connect and federated with ADFS.
Now we want to do the same with the second domain - synchronise and federate - but some users have already been created natively in the cloud using this domain as their UPN suffix.
What will happen to their accounts if we set up synchronisation and enable federation for the second domain using AAD Connect now? Will they automatically be directed to our ADFS for login to Office 365 and other services, where they will no longer have a valid account because they don't exist in our on-premises Active Directory? Or will they still be able to sign in as fully cloud-native users, with only users synchronised from our onsite directory being redirected to ADFS for login?