Forum Discussion
Restrict access for AD to AD Azure synced user to Office 365
Hi, I want to restrict access for AD to AD Azure synced user without disabling their account. I have set their logon hours to "Logon Denied" see attached. After a sync, the user can still acces...
Azure AD / O365 does not 'understand' Logon Hours or (Password) Expired accounts. You need to disable the account, or configure custom sync rules in Azure AD Connect to get the desired effect.
Optionally, you could move the users to an out of sync OU, that way they'd be deleted from O365 but still be active in local AD.