Forum Discussion

Dean_Gross's avatar
Dean_Gross
Silver Contributor
Feb 21, 2018
Solved

Group Ownership - Account removal-orphaning

Can anyone help me find a detailed technical explanation of the which user account editing scenarios will cause the owner of an Azure AD (office/office 365) group to be removed ? it was my understand...
  • TonyRedmond's avatar
    TonyRedmond
    Feb 21, 2018

    We're dealing with two things here. The Azure AD user object (the account) is as you say: blocked.

    However, the Azure AD user object still exists in the directory and the GUID pointing to the object in the list of owners is valid. So when Get-UnifiedGroupLinks returns the set of owners, it thinks the user object is fine because it can be found...

Dean_Gross's avatar
Dean_Gross
Silver Contributor
Feb 21, 2018

Thanks, is there an attribute that is can be changed in an off-boarding workflow to also make this happen?

Dean_Gross's avatar
Dean_Gross
Silver Contributor
Feb 21, 2018

I found some additional information, that should help to clarify my question. 

The account in question shows up in the O365 Admin Center as blocked,

  • licenses show- no products assigned,
  • sign in status- sign in blocked, 

Azure AD shows the last login on Feb 5, 2018

 

An Office 365 group show that this account is still in the Owners role, Azure AD shows the same. Why is the blocked account still shown as an Owner? 

When will the blocked account stop showing up in the group owner role?