Disable Active Directory synchronization with Azure AD

We sync the Active Directory on-premises AD objects to Azure AD with Azure AD Connect. When a company wants to move fully to the cloud, we disable Active Directory synchronization in AD on-premises and Azure AD. This time, the on-premises server was already taken offline without considering this. In this article, you will learn how to disable Active Directory synchronization with Azure AD.

Table of contents

How to uninstall Azure AD Connect

The correct way to disable Active Directory synchronization with Azure AD is to follow the steps in the article Uninstall Azure AD Connect, which will:

  1. Turn off directory synchronization on-premises AD
  2. Turn off directory synchronization Azure AD
  3. Uninstall Azure AD Connect from server

How to disable Active Directory synchronization with Azure AD

Suppose the AD on-premises is taken offline without turning off directory synchronization on-premises, you can turn off directory synchronization only in Azure AD.

To disable Active Directory Synchronization with Azure AD, follow the below steps:

1. Start Windows PowerShell as administrator.

2. Install and connect to Azure AD.

Connect-MsolService

3. Check the Azure AD directory synchronization is enabled and that it shows the value True.

(Get-MSOLCompanyInformation).DirectorySynchronizationEnabled

4. Turn off directory synchronization and convert your synchronized users to cloud-only. Run the Set-MsolDirSyncEnabled cmdlet to stop the synchronization.

Set-MsolDirSyncEnabled -EnableDirSync $false

Note: It may take up to 72 hours to complete deactivation once you have disabled DirSync through this cmdlet. The time depends on the number of objects that are in your cloud service subscription account. You cannot cancel the disable action. It will need to complete before you can take any other action, including re-enabling of DirSync. If you choose to re-enable DirSync, a full synchronization of your synced objects will happen. This may take a considerable time depending on the number of objects in your Active Directory.

5. Check that Azure AD directory synchronization is disabled and shows the value False.

(Get-MSOLCompanyInformation).DirectorySynchronizationEnabled

That’s it!

Read more: Move Azure AD Connect to new tenant »

Conclusion

You learned how to disable Azure Active Directory synchronization with Azure AD. The correct way is to disable Azure Active Directory synchronization in both AD on-premises and Azure AD and uninstall Azure AD Connect software. Suppose this can’t be done because the on-premises environment is taken down, you can turn off Azure Active Directory Synchronization in Azure AD only.

Did you enjoy this article? You may also like Export Azure AD users to CSV with PowerShell. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

TwitterLinkedIn

What Others Are Reading

This Post Has 0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *