Uninstall Azure AD Connect
We want to uninstall Azure AD Connect. The organization will no longer use Azure AD Connect to sync AD objects between on-premises AD and Azure AD because the servers have moved to the cloud. This is when you remove Azure AD Connect. In this article, we will look at how to remove Azure AD Connect from the server.
Locate Azure AD Connect server
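Start PowerShell as administrator. Make sure that you have privileges to search in Active Directory. The cmdlet below reads the description of the account that Azure AD Connect created and extracts the server name from it. In this example, the output shows that Azure AD Connect is installed on the server DC01.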
PS C:\> Get-ADUser -LDAPFilter "(description=*configured to synchronize to tenant*)" -Properties description | % { $_.description.SubString(142, $_.description.IndexOf(" ", 142) -142)}
DC01
Turn off directory synchronization
Disable directory synchronization in two places:
- On-premises AD
- Azure AD
Turn off directory synchronization on-premises AD
Sign in to the Windows Server, where you have Azure AD Connect installed and configured. Start PowerShell as administrator and run Import-Module ADSync. Follow with the Set-ADSyncScheduler cmdlet to stop the synchronization.
PS C:\> Import-Module ADSync
PS C:\> Set-ADSyncScheduler -SyncCycleEnabled $false
Check that on-premises directory synchronization is disabled and shows the value False.
PS C:\> Get-ADSyncScheduler | ft SyncCycleEnabled
SyncCycleEnabled
----------------
False
Turn off directory synchronization Azure AD
In the same Windows PowerShell window, install the Azure AD (MSOnline) PowerShell module if it is not already present, and connect to Azure AD.
PS C:\> Connect-MsolService
Turn off directory synchronization and convert your synchronized users to cloud-only. Run the Set-MsolDirSyncEnabled cmdlet to stop the synchronization.
PS C:\> Set-MsolDirSyncEnabled -EnableDirSync $false
Check that Azure AD directory synchronization is disabled and shows the value False.
PS C:\> (Get-MSOLCompanyInformation).DirectorySynchronizationEnabled
False
Uninstall Azure AD Connect from server
Click on Start > Control Panel > Programs and Features. Click on Microsoft Azure AD Connect and press on Uninstall.
Note: The wizard will uninstall the supporting components: Microsoft Azure AD Connect Health agent for sync, Microsoft Azure AD Connect synchronization services, and Microsoft SQL Server.
The Uninstall Azure AD Connect wizard shows up. Check the checkbox Also uninstall supporting components. Click Remove.
Give it a couple of minutes, and you will see the green checkmarks. Azure AD Connect is successfully uninstalled. Click Exit.
Azure AD Connect is removed from the Programs and Features list.
Start File Explorer. Go to C:\Program Files. Right-click the Microsoft Azure AD Sync folder and click Delete to remove it.
In File Explorer, navigate to the C:\Users folder. Remove the AAD_ folders. You may see folders with the prefix ADSyncMSA_. If so, remove these as well.
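To confirm that nothing from the steps above was missed, the following added example (not part of the original article) checks the former sync server for leftovers: the service, the folders named above, the tenant sync flag, and the on-premises account matched by the locate filter. The function name Test-AadConnectRemoval is hypothetical; the tenant and AD checks assume an existing Connect-MsolService session and the ActiveDirectory module.

```powershell
# Added example: post-uninstall verification, run in an elevated session
# on the server that used to host Azure AD Connect.
# Paths, prefixes and the LDAP filter are the ones used in the article.
function Test-AadConnectRemoval {
    $findings = @()

    # 1. The synchronization service (service name ADSync) should be gone.
    $svc = Get-Service -Name 'ADSync' -ErrorAction SilentlyContinue
    if ($svc) { $findings += "Service ADSync still present (status: $($svc.Status))" }

    # 2. Program folder that the article deletes by hand.
    $syncDir = Join-Path $env:ProgramFiles 'Microsoft Azure AD Sync'
    if (Test-Path -LiteralPath $syncDir) { $findings += "Folder still present: $syncDir" }

    # 3. Leftover service-account profile folders under C:\Users.
    Get-ChildItem -Path 'C:\Users' -Directory -ErrorAction SilentlyContinue |
        Where-Object { $_.Name -like 'AAD_*' -or $_.Name -like 'ADSyncMSA_*' } |
        ForEach-Object { $findings += "Profile folder still present: $($_.FullName)" }

    # 4. Tenant-side flag; requires an existing Connect-MsolService session.
    if (Get-Command Get-MsolCompanyInformation -ErrorAction SilentlyContinue) {
        try {
            if ((Get-MsolCompanyInformation -ErrorAction Stop).DirectorySynchronizationEnabled) {
                $findings += 'Tenant still reports DirectorySynchronizationEnabled = True'
            }
        } catch { $findings += "Tenant check skipped: $($_.Exception.Message)" }
    } else { $findings += 'Tenant check skipped: MSOnline module not loaded' }

    # 5. On-premises accounts still matched by the article's locate filter.
    if (Get-Command Get-ADUser -ErrorAction SilentlyContinue) {
        Get-ADUser -LDAPFilter '(description=*configured to synchronize to tenant*)' |
            ForEach-Object { $findings += "Sync account still in AD: $($_.SamAccountName)" }
    } else { $findings += 'AD check skipped: ActiveDirectory module not available' }

    return $findings
}

$result = Test-AadConnectRemoval
if ($result) { $result | ForEach-Object { Write-Warning $_ } }
else { Write-Output 'No Azure AD Connect leftovers found.' }
```

Any account reported by the last check is worth reviewing, since it was created for synchronization and no longer has a purpose once the server is removed.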
Azure AD Connect is successfully removed. Did this help you to remove Azure AD Connect from server?
Conclusion
In this article, you learned how to uninstall Azure AD Connect. First, go through the uninstall wizard. After that, delete Azure AD Connect folders in File Explorer. You can always reinstall Azure AD Connect on the same server.
Thanks for the guide. Really Helpful
Hi,
I would like to make sure: by uninstalling Azure Sync Tool / Azure Connect, it will unsync between Azure AD and on-premises AD.
1. Will my accounts with Business Standard for mailbox and OneDrive be deleted, because in admin.microsoft.com the Sync Status for each user is “sync from on-premises”?
2. Will I get the ability to reset the password on the user side? As of now, none of my users can reset their password on their own, and they need my help as an admin.
1. No, the accounts will stay and will not delete. The status will change from “Synced from on-premises” to “In cloud”.
2. If you have a hybrid deployment or cloud-only, you can configure that users can reset their passwords. Read more in the article Enable Self-Service Password Reset.
Hello Ali
This is a great guide. Thank you very much.
Just once again to be sure, already synched Accounts (based on On-Premise) will not be deleted in M365?
We had a Server Crash and we cannot restore from a Backup. So we would like to delete the Synch to just use Azure and no more On-Premise.
Thank you for your help!
Greetings from Switzerland
Hi Martin,
No, it will not delete the objects in the cloud.
However, you must “Turn off directory synchronization Azure AD” (shown in the article). So you need to connect to Azure Active Directory and disable directory synchronization:
1. Connect-MsolService
2. Set-MsolDirSyncEnabled -EnableDirSync $false
Note that it may take 72 hours for the deactivation to be completed.
After that, you’re all set.
Thank you very much for your Time.
I just deactivated following your article.
I will see in some hours if it works.
I would be glad to donate a little amount if you have a PayPal or something.
Just as a small Thank you.
Hey, thanks for this. I’ve successfully migrated AAD Connect to a new server – everything is syncing great and reporting healthy (thanks for that migration guide). On the old server, AAD Connect and all components have been uninstalled via the Control Panel. I am now receiving “unhealthy” notifications from Azure Connect Health referencing the old server. Can you please advise how best to clean this up, without impacting the new configuration? Thanks.
The Azure portal should automatically remove the AAD Connect server after uninstalling the AAD Connect software. If that doesn’t happen, you get these notifications.
You can sign in to the Azure portal and navigate to the Azure Active Directory Connect Servers section. It will show the new AAD Connect server as healthy, and the old AAD connect server as unhealthy. Remove the old AAD Connect server.
Just want to double-check, so before removing Azure ADC we would need to ensure that new user objects were created in Azure as the sync’d objects would not really be useful going forward.
Would this be a fair statement?
Thanks in advance
Hi Ali, Thanks for the article.
So after removing the Azure AD Connect – we can change password, make changes to user accounts, groups in M365 directly right?
As with Azure AD in place we cannot make changes to M365, all changes get synced from Local AD.
Thanks,
Jatin
Hi Jatin,
That’s correct. As long as your AD (Authority) is on-premises, you should keep Azure AD Connect and manage everything on-premises.
Suppose there is no need anymore to manage users from on-premises and no longer require directory synchronization or password synchronization. In that case, you can uninstall Azure AD Connect and manage everything in Microsoft 365.
Awesome guide!
thanks for sharing.
Thanks for the tutorial Ali, great content.