Hey everyone, I'm looking for some advice regarding a setup where we have two divisions in the same company, each with their own Azure/O365 tenants. Division 1 has its own Active Directory and is hosting emails for both divisions using a single domain (@xys.com). Division 2, while linked to Division 1, has its email routed through on-premises Exchange servers.
My goal is to migrate Division 2's email off premises while keeping it hosted within Division 1's tenant and allowing Division 2 users to use their own credentials for a seamless experience. However, there are strict regulations preventing Division 1 from accessing Division 2's directory.
I'm considering using Cross-Tenant B2B Collaboration, inviting Division 2 users as guest users in Division 1's tenant, while ensuring that the regulatory boundaries remain intact. Any insights or suggestions would be greatly appreciated!
2 Answers
If both divisions are under the same company and using the same domain, it might actually be simpler to unify everything into one tenant. But I get your point about wanting to keep things separated for regulatory reasons.
Have you thought about creating a second domain with Division 1's AD? This way, you could sync everyone to a single tenant but still maintain a level of isolation and control over resource access between the two divisions.
I’m not quite following how you'd set that up. What do you mean by creating a second domain with Division 1's AD?
But with two separate Active Directories, that might pose some challenges. You really need to consider if the risk is worth the ease!