Hi @Sunith Please find my answers inline below:
How can we merge the users "AHeartings" & "Ann.Heartings" as 1 user and sync to on-premise AD?
This can be done by hard match or soft match, which is very well explained here: https://dirteam.com/sander/2020/03/27/explained-user-hard-matching-and-soft-matching-in-azure-ad-connect/
With AD Connect Sync, does it sync only the identities (usernames) or both Usernames and Passwords?
If you have enabled Password Hash Sync (PHS), it will sync user accounts along with their passwords. If PHS is not enabled, passwords are not synced.
On our corporate computers and network does the user login using the AD username and with SSO enabled will it automatically login the user to Outlook and other office apps?
As I mentioned in my previous reply, you'll get seamless sso experience if you have deployed Seamless SSO or perform Hybrid AAD join. Otherwise users will have to login to every new browser session.
with user molly dolly showing in sync with on-premise AD, what is the password for this user on M365? or do we need to reset the password on M365?
Since you have PHS enabled, it should be on-premise AD password.
As mentioned we did the selective sync with OU and since we only need to sync 25 out of 200 users for this specific application, is it best to sync OU or a security group, we have a structured OU based on location and we like to keep it. However if OU is best way forward over the security group? then we will have to take that path?
We recommend security group based filtering for testing purpose so that you can test by syncing few accounts. However, if changing OU structure is not an option and you will not be having more than 50,000 users, you can use security groups as well. The number of members in a group that you can synchronize from your on-premises Active Directory to Azure Active Directory by using Azure AD Connect is limited to 50,000 members.
For SSO is it best to use “Pass-Through Authentication” or “Password Hash Synchronization”
For best SSO experience, use Pass-Through Authentication along with Seamless SSO configured in AD Connect. Refer to https://video2.skills-academy.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start#deploy-seamless-single-sign-on. If you want to use PHS only, then you'd need to go with Hybrid Azure AD Join.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.