How to sever connection between 365 & AD

So we are trying to tidy up our AD (on-prem), which is currently fully synced to our 365 cloud.

I want a user gone, but we want to keep their mailbox as a shared one, so I deleted their AD account, allowed the sync to go through, then restored their 365 account from deleted users and that seems to have done the job.

However, every day we now get synchronization errors from Microsoft regarding this account, so my questions are:

  1. Did we do it correctly, and if so, how do we stop the sync error from happening?
  2. If I did it completely wrong, how should I be doing it?

I have Googled away online and found so many conflicting issues, from "keep the AD account" to "not possible" to everything in between :(

Please someone help, thank you :)

4 Replies
The "correct" (and only supported) method would be to disable dirsync, make the changes (i.e. exclude the user from sync), and re-enable dirsync. What you did does the job, but it's an unsupported workaround.
Do you need "live" access to data within this mailbox? If you only need to keep it for compliance/retention purposes, consider using Inactive mailboxes instead: https://learn.microsoft.com/en-us/purview/inactive-mailboxes-in-office-365

@Vasil Michev 

Hi, I couldn't see a simple way of disabling dirsync, unless I go in there, untick the relevant boxes, resync, retick, resync - is that correct?

If I do that, would it leave the 365 account there, and what would happen when I turn dirsync back on? What's to stop it from resyncing itself?

Sorry, I wasn't descriptive enough above. Once you disable dirsync, you can update the ImmutableID property of the user in M365, so it no longer "matches" against any on-premises object. You can actually do the same in the "workaround" scenario, if you are not bothered by the "unsupported" part of it.
OK, I have removed the ImmutableID from the object and will see what happens with that, thx
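
An added example, not part of the thread: a check for whether a cloud user's ImmutableID still hard-matches any on-premises object, which is the condition the last reply says must stop being true. It assumes the default Entra Connect source anchor (ImmutableID is the Base64 of the AD objectGUID bytes); the function names and sample accounts are hypothetical and constructed.

```powershell
# Added example. Assumes the default source anchor: ImmutableID = Base64 of the
# AD objectGUID bytes (ms-DS-ConsistencyGuid is seeded with the same value).
# Function names and sample data are hypothetical.

function ConvertTo-ImmutableId {
    param([Parameter(Mandatory)][guid]$ObjectGuid)
    # Same byte order that AD stores, so the result equals the synced anchor.
    [Convert]::ToBase64String($ObjectGuid.ToByteArray())
}

function Test-HardMatch {
    # Returns the on-premises objects whose anchor equals the cloud ImmutableID.
    param(
        [AllowNull()][AllowEmptyString()][string]$ImmutableId,
        [Parameter(Mandatory)][object[]]$OnPremUsers
    )
    # A cleared ImmutableID cannot hard-match anything.
    if ([string]::IsNullOrEmpty($ImmutableId)) { return @() }
    @($OnPremUsers | Where-Object { (ConvertTo-ImmutableId $_.ObjectGuid) -eq $ImmutableId })
}

# Constructed sample data. In a real check these values come from
#   Get-ADUser -Filter *                                   (ObjectGUID property)
#   Get-MgUser -UserId <upn> -Property OnPremisesImmutableId
$onPrem = @(
    [pscustomobject]@{ SamAccountName = 'alice'; ObjectGuid = [guid]'11111111-2222-3333-4444-555555555555' }
    [pscustomobject]@{ SamAccountName = 'bob';   ObjectGuid = [guid]'aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee' }
)
$cloud = @(
    # Still carries bob's anchor: would re-match if bob is in sync scope.
    [pscustomobject]@{ Upn = 'shared.mailbox@example.com'; ImmutableId = (ConvertTo-ImmutableId $onPrem[1].ObjectGuid) }
    # Anchor cleared: treated as a cloud-only object.
    [pscustomobject]@{ Upn = 'cleared@example.com'; ImmutableId = $null }
)

foreach ($u in $cloud) {
    $hits = Test-HardMatch -ImmutableId $u.ImmutableId -OnPremUsers $onPrem
    [pscustomobject]@{
        Upn            = $u.Upn
        StillMatches   = [bool]$hits.Count
        MatchedAccount = ($hits.SamAccountName -join ',')
    }
}
```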