question

mohanadhassan-9667 avatar image
0 Votes"
mohanadhassan-9667 asked azure-cxp-api edited

AIP for users Not synced

Hi everyone, I'm trying to implement Azure information protection [AIP] in my environment before deployment and I have a question:
I have installed Azure AD Connect With ADFS Authentication on the AD server to be able to use AIP. I have not synced all the users to the cloud for security/privacy reasons. The problem I found is that users not synced with Azure AD Connect [not on the cloud] can't use AIP and I get that error “AADSTS51004: The user account does not exist in the directory”. Are there any workaround for this issue?

azure-information-protection
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

JamesHamil-MSFT avatar image
0 Votes"
JamesHamil-MSFT answered mohanadhassan-9667 commented

Hi @mohanadhassan-9667 , I unfortunately do not think this is possible with your current setup. The FAQ says that the two solutions for on-prem scenarios are:

  • Deploy the Rights Management Connector on-prem

  • Synchronize the AD Domain Controllers with AAD

But in the prerequisites to the Rights Management Connector, it says that you still need to synchronize with Azure AD. It's a cloud solution so it needs to be hybrid at minimum.

Please let me know if you have any questions! If this answer helped you, please mark it as "Verified" so other users may reference it.

Thank you,
James







· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for your answer.

1 Vote 1 ·