- Case Study -

 

When Hybrid Identity Breaks, Starting Over Isn't the Only Option

 

How Archbright Escaped Hybrid Identity “Purgatory” to Fully Managed Cloud Identity Safely and Seamlessly

“This was a huge win in reducing cost, complexity, and disruption.”

— Kevin Poole, Director of IT, Archbright

The Challenge

A Critical Migration Stalled by Hybrid Identity Failure

Archbright, a Human Resources services organization, was ready to retire its legacy on-premises identity infrastructure and move fully to cloud-managed Microsoft 365 identities. The business had already eliminated applications dependent on its legacy domain and was preparing to decommission the remaining environment.

But during the migration, something broke.

User accounts became stuck in a hybrid state where Self-Service Password Reset (SSPR) stopped working entirely. Standard migration procedures failed. Microsoft’s recommendation was to delete and recreate more than 100 user identities.

For Archbright, that was not a viable path forward.

The situation created immediate operational and security concerns:

  • Users could not reset their own passwords, forcing administrators to manage manual resets across the organization.
  • Compliance and password rotation requirements were at risk, increasing exposure.
  • Rebuilding identities would disrupt SharePoint, Teams, and Exchange data tied to those accounts.

 What began as a cloud modernization initiative quickly became a blocker, preventing Archbright from retiring legacy infrastructure and moving forward confidently. 

“We had three different identity environments syncing at the same time, and users couldn’t change their own passwords. From a security standpoint and an operational standpoint, that was challenging.”

— Kevin Poole, Director of IT, Archbright

The Solution

A Smarter Path Forward, Without Rebuilding Identities

When rebuilding more than 100 user identities became the default recommendation from Microsoft, Archbright needed a better option.

Instead of starting over, Teknologize evaluated the environment at a deeper level. After isolating the root cause of the hybrid identity failure, we identified a way to safely convert accounts to cloud-only status without deleting a single identity.

Rather than rebuilding users and repairing permissions afterward, we preserved everything already working,  SharePoint access, Teams channels and chat history, Exchange mailboxes, and existing security controls.

The approach focused on three priorities:

  • Preserve all existing data and permissions
  • Restore self-service password functionality
  • Eliminate hybrid identity complexity without disrupting users

After validating the solution in a controlled test environment, the migration was executed across Archbright’s tenant, safely and without user interruption.

“Their answer was just rebuild it all. It’s only 100 user identities, just rebuild it.”

— Dan Morgan, CTO, Teknologize

What Changed for Archbright: The Impact on Operations and Security.

Once the identity complexity was removed, Archbright regained operational control, strengthened its security posture, and accelerated the retirement of costly legacy infrastructure. 

“Actually there was really no impact to us. It was completely transparent.”

— Kevin Poole, Director of IT, Archbright
✅ Zero User Disruption 
 
The transition to cloud-only identity occurred without downtime, forced password resets, or visible impact to users. 
✅ Disruption and Permissions Fully Preserved 
 
SharePoint access, Teams history, channel memberships, and Exchange mailboxes remained intact; no identity rebuild required. 

✅Compliance and Security Restored

 
Self-Service Password Reset functionality was re-enabled, reducing administrative burden and eliminating password management risk.

✅ Legacy Infrastructure Eliminated

 
With hybrid identity resolved, Archbright was able to move forward with decommissioning its legacy domain and reducing unnecessary data center costs.

“This sets us up for future cost savings and success.”

— Kevin Poole, Director of IT, Archbright
Facing a M365 Hybrid Identity Challenge?
Book a Discovery Call to see how we help organizations modernize without data loss or disruption.