Recently, I found a new job which uses O365 in a hybrid environment. Just to explain a bit, the new environment has On-premises Active Directory plus an instance of On-premises Exchange Server (which actually has no user mailboxes inside). The On-premises Active Directory is synced to an Azure AD in the cloud and all user mailboxes are in Exchange Online in O365.
Currently, for day-to-day administration like updating security groups and distribution groups, I basically update the On-premises AD, which will synchronize to O365. If I attempt to update them in the Office 365 portal, it will display an error saying that I should go and update them in the On-premises AD. The security groups are used by the local File Server as well as being distribution lists for sending emails. However, my manager suddenly announced today that he planned to make changes so that we have to go to the Office 365 Portal to do the update instead of the On-premises AD.
My questions are: 1) What config changes do we need to make in Office 365 in order to achieve what he wants? 2) What advantage do we get by updating in the Office 365 portal instead of the On-premises AD?
Without knowing exactly what your manager means, we can't answer this question. That being said, I suspect he either doesn't understand how directory synchronization works or he's about to break something.
With directory synchronization (through Azure AD Connect), the source of authority for object attributes is the on-premises directory. You can't manage most attributes in Office 365 and must manage them on-premises.
If the objects are synced from on-premises to online, then the objects can only be managed on-premises. If you would like to manage the objects online, then they should be online-only objects (not synced).
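To see which groups fall on which side of that rule, the following is an added example and not part of the answers above: it classifies group objects by the Microsoft Graph `onPremisesSyncEnabled` property. The function name `Get-GroupSourceOfAuthority` and the sample group names are hypothetical and constructed for illustration.

```powershell
# Added example: report where each group has to be managed, based on the
# onPremisesSyncEnabled property that Microsoft Graph exposes on groups.
function Get-GroupSourceOfAuthority {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Group
    )
    process {
        # Graph semantics: $true  = currently synced from on-premises AD,
        #                  $false = was synced once, no longer is,
        #                  $null  = never synced (cloud-only).
        $sync = $Group.OnPremisesSyncEnabled
        if ($sync -eq $true) {
            $source   = 'On-premises AD'
            $manageIn = 'On-premises AD (syncs up via Azure AD Connect)'
        } elseif ($null -eq $sync) {
            $source   = 'Cloud-only'
            $manageIn = 'Office 365 / Azure AD'
        } else {
            $source   = 'Cloud (previously synced)'
            $manageIn = 'Office 365 / Azure AD'
        }
        [pscustomobject]@{
            DisplayName     = $Group.DisplayName
            SecurityEnabled = $Group.SecurityEnabled
            MailEnabled     = $Group.MailEnabled
            Source          = $source
            ManageIn        = $manageIn
        }
    }
}

# Constructed sample input so the example runs without a tenant.
# Against a real tenant (Microsoft.Graph module), replace it with:
#   Connect-MgGraph -Scopes 'Group.Read.All'
#   Get-MgGroup -All -Property DisplayName,SecurityEnabled,MailEnabled,OnPremisesSyncEnabled
$sampleGroups = @(
    [pscustomobject]@{ DisplayName = 'FS-Finance-RW'; SecurityEnabled = $true;  MailEnabled = $false; OnPremisesSyncEnabled = $true  }
    [pscustomobject]@{ DisplayName = 'DL-AllStaff';   SecurityEnabled = $false; MailEnabled = $true;  OnPremisesSyncEnabled = $true  }
    [pscustomobject]@{ DisplayName = 'Cloud-Project'; SecurityEnabled = $true;  MailEnabled = $false; OnPremisesSyncEnabled = $null }
    [pscustomobject]@{ DisplayName = 'Old-Migrated';  SecurityEnabled = $true;  MailEnabled = $false; OnPremisesSyncEnabled = $false }
)

$sampleGroups | Get-GroupSourceOfAuthority | Format-Table -AutoSize
```

Groups reported as `On-premises AD` are the ones the Office 365 portal refuses to edit, which is the error described in the question.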