Home

Unable to resync with AAD after loss of local domain controller

%3CLINGO-SUB%20id%3D%22lingo-sub-739565%22%20slang%3D%22en-US%22%3EUnable%20to%20resync%20with%20AAD%20after%20loss%20of%20local%20domain%20controller%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-739565%22%20slang%3D%22en-US%22%3E%3CP%3EA%20while%20ago%2C%20I%20was%20experimenting%20with%20domain%20controllers%20and%20(stupidly)%20associated%20my%20primary%20company%20AAD-synced%20account%20with%20a%20local%20DC%2C%20rather%20than%20using%20test%20alias.%20Whenever%20I%20try%20to%20change%20anything%20about%20my%20account%2C%26nbsp%3BI%20get%20the%20below%20error%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%22This%20user%20is%20synchronized%20with%20your%20local%20Active%20Directory.%20Some%20details%20can%20be%20edited%20only%20through%20your%20local%20Active%20Directory.%22%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EHowever%2C%20the%20local%20DC%20and%20associated%20Active%20Directory%20is%20unavailable%20and%20gone%20forever%2C%20and%20I%20haven't%20been%20able%20to%20find%20a%20way%20to%20remove%20that%20connection%20and%20unlink%20my%20account%20so%20I%20can%20resync%20with%20our%20AAD.%20Any%20assistance%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-739565%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-740002%22%20slang%3D%22en-US%22%3ERe%3A%20Unable%20to%20resync%20with%20AAD%20after%20loss%20of%20local%20domain%20controller%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-740002%22%20slang%3D%22en-US%22%3EYour%20first%20step%20is%20in%20this%20article%20for%20removing%20dirsync%20which%20puts%20all%20accounts%20cloud%20only.%20%3CBR%20%2F%3E%3CBR%20%2F%3ERest%20of%20article%20can%20be%20used%20basically%20for%20attaching%20the%20local%20domain%20back%20as%20well.%20%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fjerrymeyer.nl%2F2017%2F10%2F20%2Foffice-365-migrating-azure-ad-connect-new-ad-domain%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fjerrymeyer.nl%2F2017%2F10%2F20%2Foffice-365-migrating-azure-ad-connect-new-ad-domain%2F%3C%2FA%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-740063%22%20slang%3D%22en-US%22%3ERe%3A%20Unable%20to%20resync%20with%20AAD%20after%20loss%20of%20local%20domain%20controller%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-740063%22%20slang%3D%22en-US%22%3E%3CP%3EHi%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F869%22%20target%3D%22_blank%22%3E%40Chris%20Webb%3C%2FA%3E%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20a%20way%20to%20do%20this%20for%26nbsp%3B%3CEM%3Eonly%3C%2FEM%3E%20my%20account%3F%20I'm%20the%20only%20one%20with%20this%20issue%2C%20and%20I'd%20rather%20not%20try%20a%20solution%20that%20would%20affect%20the%20rest%20of%20my%20organization%2C%20even%20if%20the%20impact%20wasn't%20negative.%20Our%20AAD%20has%20no%20issues%2C%20other%20than%20myself.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-740073%22%20slang%3D%22en-US%22%3ERe%3A%20Unable%20to%20resync%20with%20AAD%20after%20loss%20of%20local%20domain%20controller%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-740073%22%20slang%3D%22en-US%22%3E%3CP%3EDo%20you%20have%20another%20admin%20account%3F%20If%20not%2C%20create%20one%20just%20temporary.%20Then%20delete%20your%20own%20account.%20Recover%20it%20from%20the%20Recycle%20bin.%20Once%20you%20do%20that%2C%20it%20will%20be%20provisioned%20as%20%22disconnector%22%20and%20you%20can%20manage%20it%20directly%20in%20the%20cloud.%20Meaning%20you%20can%20clear%20its%20ImmutableID%20in%20order%20to%20use%20soft-match%20or%20match%20it%20directly%20against%20the%20on-premises%20object.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-740158%22%20slang%3D%22en-US%22%3ERe%3A%20Unable%20to%20resync%20with%20AAD%20after%20loss%20of%20local%20domain%20controller%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-740158%22%20slang%3D%22en-US%22%3EWhat%20Vasil%20said.%20The%20way%20you%20said%20it%2C%20it%20read%20like%20your%20entire%20directory%20was%20gone.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-740206%22%20slang%3D%22en-US%22%3ERe%3A%20Unable%20to%20resync%20with%20AAD%20after%20loss%20of%20local%20domain%20controller%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-740206%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F869%22%20target%3D%22_blank%22%3E%40Chris%20Webb%3C%2FA%3E%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F58%22%20target%3D%22_blank%22%3E%40Vasil%20Michev%3C%2FA%3E%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EApologies%20-%20the%20local%20directory%20that%20I%20was%20synced%20to%20is%20gone%2C%20but%20our%20AAD%20is%20just%20fine.%20I%20just%20couldn't%20move%20myself%20back%20to%20it.%20I'll%20give%20this%20a%20shot%20and%20report%20back.%20Thanks%20for%20the%20quick%20responses.%3C%2FP%3E%3C%2FLINGO-BODY%3E
RMDNA
New Contributor

A while ago, I was experimenting with domain controllers and (stupidly) associated my primary company AAD-synced account with a local DC, rather than using test alias. Whenever I try to change anything about my account, I get the below error:

 

"This user is synchronized with your local Active Directory. Some details can be edited only through your local Active Directory."

 

However, the local DC and associated Active Directory is unavailable and gone forever, and I haven't been able to find a way to remove that connection and unlink my account so I can resync with our AAD. Any assistance?

5 Replies
Your first step is in this article for removing dirsync which puts all accounts cloud only.

Rest of article can be used basically for attaching the local domain back as well.

https://jerrymeyer.nl/2017/10/20/office-365-migrating-azure-ad-connect-new-ad-domain/

Hi @Chris Webb,

 

Is there a way to do this for only my account? I'm the only one with this issue, and I'd rather not try a solution that would affect the rest of my organization, even if the impact wasn't negative. Our AAD has no issues, other than myself.

Do you have another admin account? If not, create one just temporary. Then delete your own account. Recover it from the Recycle bin. Once you do that, it will be provisioned as "disconnector" and you can manage it directly in the cloud. Meaning you can clear its ImmutableID in order to use soft-match or match it directly against the on-premises object.

What Vasil said. The way you said it, it read like your entire directory was gone.

@Chris Webb@Vasil Michev,

 

Apologies - the local directory that I was synced to is gone, but our AAD is just fine. I just couldn't move myself back to it. I'll give this a shot and report back. Thanks for the quick responses.

Related Conversations
Extentions Synchronization
Deleted in Discussions on
3 Replies
Tabs and Dark Mode
cjc2112 in Discussions on
38 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies