I had this question after viewing Change Office 365 password when AD sync is enabled?
I just added AD sync to a location as I thought it would allow me to manipulate local creds from a cloud location. I see now that it doesn't allow that, you need P1 or P2 level. I am going to ask them for this level but before I do, Am I correct in thinking that they can then use their O365 creds (username.com) to log on to local domain (username.Local) accounts? That would be the desired end game. If I'm wrong, what would it take to create a single sign on for both O365 and local machine accounts configurable from cloud?
It's a small non profit with about 25 accounts - about a third are email only, but there is an admin staff that uses the AD locally for login to their workstations and I run GPO's to map printers and drives etc. Ideally I would leave a single Server on site and get rid of most of the other hardware.