@Carol Chisholm
Hi Carol, I understand your dilema. I have seen MANY people advise to retain an On-Premise Hybrid of Exchange Server so that User Mailbox attributes can be managed correctly. This is *technically* the correct thing to do.
However, as you indicate, you want to simplify. If you are happy to alter the AAD Sync to only a fileterd subset of attributes, you can probably go-ahead with your decommisioning plan.
You would want to set the AADsync to purely do a Password Hash Sync from Local to Cloud account based on a common attribute (email address/upn suffix) for example.
I beleive part of the issue is that in the Azure AD, the user account attribute which maintains which directry is authoritative for the attributes is set as your local AD. This needs switched to be the cloud instead.
This is what I am going to try in my lab:
Switch of AAD Sync completely and uninstall it fully, so that no attributes are sync-removed from cloud accounts by changes to local AD accounts, then remove Exchange Server from the local side. This I understand will force the Authoritative Source for account attributes to the Cloud Accounts and keep their Online Exchange attributes intact.
Next, remove Exchange as cleanly as possible (Use of ADSIEdit may be needed).
The Local AD accounts will have their Exchange attributes removed from the local AD doing this.
Finally, when you have cleaned up you only local server, re-instate Azure ADSync and configure for purely Password-Hash Sync to align credentials if needed.
In the project I am working on, there will be NO on-prem server providing any directory or fileshare facilities. All client computers will be directly joined to the Azure AD instead and a policy no local file storage implemented.
I hope this helps give you something to go on?
