Having two logins for the same user isn’t practical for both the user and administrator. That’s why you should use this guide to convert a cloud user into an Azure AD Synced user. Having an Azure AD Synced user is very handy, because the user can then use one password for all the services he might need, plus you can combine login with Seamless Signon.
So you basically have this user in the Cloud:
That should be replaced by this on-prem user:
First of all, make sure that the on-prem user is not being synced.
Then connect to Microsoft Online through PowerShell. If you don’t have the module, install it first (hit y twice):
Install-Module MsOnline
Connect-MsolService
Link the objectGUID with the immutableID of the Cloud user:
$upn = “aku.test@ajni.it”
The objectGUID needs to be in Base64 format.
$id = [system.convert]::ToBase64String((Get-ADUser -filter {userprincipalname -eq $upn}).objectGUid.ToByteArray())
Set-MsolUser -UserPrincipalName $upn -ImmutableId $id
Now move the on-prem user to an OU that is synced to the Cloud and run a manual ADSync:
Start-ADSyncSyncCycle -PolicyType Delta
The user is now synced:
References:
https://jasonhowe.net/2019/08/11/convert-office-365-user-from-cloud-to-ad-synced/