Forum Discussion
need to clean up Federated domain
Hi Members,
Good day,
We have a federated domain in Azure. -> eg. fed.dom.lo.com
the AD Connect was set up and it had synchronized all the users in our on-prem domain controller to the Azure.
Assume we had 20k users in the specific OU, which was set for the sync. Now, the change that came in would want us to sync users which have a specific attribute set.
ie, departmentName = xyz and not all.
My doubts are as below,
1.What would happen to the existing users in Azure federated domain, would there be a clean up automatically done? ex, users synced are 20k, but users with attribute are just 3k.
2.How would we do a clean up on Azure domain?
3. Could we delete all the users on Azure domain and add the inbound sync rule to have the limited users show up again?
or any better way to achieve this.
Thank you
V
If you remove a user from the sync scope, the corresponding object in Azure AD will be deleted along with all its data across O365, so make sure you are certain you want to do this. It doesnt matter if the domain is federated or not.
And you'll probably run into the deletion threshold: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-feature-prevent-accidental-deletes
