There is indeed no user writeback feature. The usual approach is to export the properties of the cloud users via PowerShell/Graph API and use the exported data to create matching accounts in your on-premises AD, after which you can configure the sync.
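One way to script the export-and-recreate approach from the reply above, as an added example that was not posted by any participant in this thread. It assumes the Microsoft Graph PowerShell SDK and the ActiveDirectory module; the OU and CSV path are hypothetical. The UPN and proxyAddresses are copied unchanged because those are the attributes the sync engine uses to soft-match an AD account to the existing cloud user.

```powershell
# Added example. $StagingOU and $CsvPath are hypothetical; adjust to your environment.
# Needs the Microsoft.Graph.Users and ActiveDirectory modules, and the cloud UPN
# suffix registered as a UPN suffix in the AD forest.
$StagingOU = 'OU=EntraImport,DC=corp,DC=example,DC=com'
$CsvPath   = '.\entra-users.csv'

Connect-MgGraph -Scopes 'User.Read.All'
$props = 'id','displayName','givenName','surname','userPrincipalName','mail',
         'proxyAddresses','onPremisesSyncEnabled','userType'
# Cloud-only members: skip guests and anything already synced from AD.
$cloudUsers = Get-MgUser -All -Property $props |
    Where-Object { -not $_.OnPremisesSyncEnabled -and $_.UserType -eq 'Member' }

# Keep a record of exactly what was exported.
$cloudUsers | Select-Object Id, DisplayName, UserPrincipalName, Mail,
        @{ n = 'ProxyAddresses'; e = { $_.ProxyAddresses -join ';' } } |
    Export-Csv -Path $CsvPath -NoTypeInformation -Encoding UTF8

$rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
foreach ($u in $cloudUsers) {
    $sam = ($u.UserPrincipalName -split '@')[0]
    if ($sam.Length -gt 20) { $sam = $sam.Substring(0, 20) }   # sAMAccountName limit
    $upnFilter = $u.UserPrincipalName.Replace("'", "''")       # escape quotes (O'Brien)
    if (Get-ADUser -Filter "UserPrincipalName -eq '$upnFilter'") {
        Write-Warning "Skipping $($u.UserPrincipalName): already exists in AD"
        continue
    }
    # Random throwaway password; the suffix only satisfies complexity classes.
    $bytes = New-Object byte[] 24
    $rng.GetBytes($bytes)
    $pw = ConvertTo-SecureString ([Convert]::ToBase64String($bytes) + 'aA1!') -AsPlainText -Force

    $new = @{
        Name = $u.DisplayName; DisplayName = $u.DisplayName
        SamAccountName = $sam; UserPrincipalName = $u.UserPrincipalName
        Path = $StagingOU; AccountPassword = $pw; Enabled = $false
    }
    if ($u.GivenName) { $new.GivenName = $u.GivenName }
    if ($u.Surname)   { $new.Surname = $u.Surname }
    if ($u.Mail)      { $new.EmailAddress = $u.Mail }
    if ($u.ProxyAddresses) { $new.OtherAttributes = @{ proxyAddresses = [string[]]$u.ProxyAddresses } }

    # -WhatIf makes this a dry run; truncated-name or CN collisions surface in catch.
    try   { New-ADUser @new -WhatIf -ErrorAction Stop }
    catch { Write-Warning "Failed for $($u.UserPrincipalName): $_" }
}
```

Remove `-WhatIf` once the dry-run output looks right, and keep the staging OU out of sync scope until the accounts have been reviewed and enabled.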
Migration from pure Entra Cloud environment to hybrid on-prem AD x Entra environment
Hello Community,
I have the problem that we want to switch from a pure Entra environment (with users, groups, etc.) to a hybrid model, in order to be able to use the advantages of on-prem AD - especially 802.1X/user authentication in WiFi via EAP-TLS.
I'm aware of a solution with a cloud RADIUS server, but they seem to be a bit too pricy (unless I'm incorrect in my assumption?).
Unfortunately, I found out that this way is not as easy as the other way around (from on-prem to hybrid).
If I have understood correctly, it is not possible to automatically migrate users from Entra to AD because Entra does not have user writeback rights?
I really hope I am wrong here, but unfortunately I have found soberingly little Microsoft documentation apart from this (https://learn.microsoft.com/en-us/entra/identity/hybrid/cloud-sync/how-to-configure-entra-to-active-directory), which only allows group creation? I would be very grateful for enlightenment; if available, a guide or further documentation would also be appreciated.
Many thanks in advance!