Hello everyone
I have a questions about security best practices for SPO. Our strategy is to manage MS online services through our on-premise infrastructure (so mail related management is done on-premise, user management is done via on-premise, ....) which is synced through dirsync/adSync.
There are a few possibilities. Or you do everything on-premise which means great control but also a lot of requests (this can be automated of course) or you manage all in the cloud but this is non-compliant with our strategy. A third option, which I'm trying to figure out, is to setup AD On-premise groups for the first few levels in a site-collection (because these will contain 50K+ users) and try to auto-populate them (via FIM, dynamic Distribution list ?, other options?), have them synced by dirsync and from then start managing sites and teams via SPO.
Can somebody share his experience concerning this topic?
Thanks alot
Jan
PS: Not sure if this is the correct f