Forum Discussion
Separate On-Prem Account from Sync' Office 365 Account
Hi, I have a company that has some users that are on-prem, and have an account in Active Directory. This company ALSO has a lot of mobile users that do NOT have\need an on-prem Active Directory Acco...
The only supported way to do this is to disable dirsync, move her user outside of the sync scope, re-enable dirsync. A faster, albeit unsupported method is to temporary delete the account in Office 365 then recover it from the Recycle bin therein. Once that's done, the account is considered a "disconnector" and you can remove the on-premises user. But again, not a supported scenario, use at your own risk.
Thanks, that's awesome.
The first option you mentioned seems by far the most efficient, and almost 'too easy'.
I could easily move that user account out of the OU that is being synchronized.
Then, presumably the account could be deleted.
Why do I have to disable dirsync as part of this process, as opposed to simply moving the account to a non-synchronized OU? Sorry if that is a dumb question - I'm new to this process.
- Just moving the object to a different (out of scope) OU won't break the link with O365, in fact it will result in the O365 object being deleted. And to "break the link", the only supported method is disabling dirsync altogether.
- OK, so let me make sure I understand:
1. Moving the user out of the 'sync' OU to a 'non-sync' OU will result in the O365 object being deleted.
2. Stopping dirsync, then moving the user like in step #1, and then starting dirsync, will result in the user link being broken?
I think I am missing something but I want to confirm. Thanks so much VasilMichev