Hello All. Appreciate if someone can provide guidance on this.
We want to create a coexistence in such a way that Office 365 users are Provisioned in Google Workspace as a Cloud Identity licenses. Office 365 domain could be registered as a Primary domain or a Secondary domain in existing Google Workspace entity.
For User Provisioning - We would be using GCDS, by authorising it on Office 365 On-Prem AD with Google Workspace SA credentials.
For User Password Sync - We understand, password changed on On-Prem AD can be synced to Google Workspace via GSPS, BUT can it also sync the password if Office 365 user changes the password from Office 365 web browser login or Azure Admin changes it.
There is an option in Azure to do a password write back to on Prem AD - https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr-writeback.
Went through the documentation of GSPS where details are mentioned with respect to active directory password change event. Curious to understand does it sync password from Azure AD tenant that is connected to an On-premise AD.