Forum Discussion

bpr1s3's avatar
bpr1s3
Copper Contributor
Mar 23, 2023
Solved

Convert AD Synced Users to Office 365 Users

Hello. We have AD Synced to Microsoft 365.

 

When covid hit, we had to abandon AD and start creating users in the cloud. Eventually, the server gave up and AD Sync stopped. 

 

It's been a couple of years since then. Some of the users are still AD synced and we cannot edit their details simply because of the AD Sync status. With no server to disable AD Sync, what's the next best way to stop AD Sync and convert all old users to pure cloud users? 

azure
azure active directory
microsoft 365
  • eliekarkafy's avatar
    eliekarkafy
    Mar 23, 2023
    the below script is from MS online . you need to install the MSonline modull on your PC connect to MS online and try to clear the immutable ID using the below script

    Get-MsolUser -UserPrincipalName "email address removed for privacy reasons" | Set-MsolUser -ImmutableId "$null"
  • eliekarkafy's avatar
    eliekarkafy
    MVP
    Mar 23, 2023

    bpr1s3 

    Sign into the AAD Connect Server and Sync the Delta

    Start-ADSyncSyncCycle Delta

     

    Turn off AAD Connect Sync

    Set-MsolDirSyncEnabled -EnableDirSync $false

     

    Convert Single User to Cloud Only (you can convert all the users that need to be cloud only)

    Get-MsolUser -UserPrincipalName email address removed for privacy reasons | Set-MsolUser -ImmutableId "$null"

     

    Remove Immutable ID of all the bulks users need to be cloud

    $Filepath = $env:userprofile\desktop\file.csv
    $csv = Import-Csv -Path $filepath
    $immutableID=$null
     
    Foreach($user in $csv)
    {
    Set-MsolUser -UserPrincipalName $user.UserPrincipalName -ImmutableID $immutableID
    }

     

    move user(s) to an OU that isn’t synchronized using AADC.

     

    Turn on Azure Active Directory Connect Sync

    Set-MsolDirSyncEnabled -EnableDirSync $true

     

    Enable Force Sync if the Sync didn’t work

    Start-ADSyncSyncCycle -PolicyType Initial

     

    Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily.

     

     

    • bpr1s3's avatar
      bpr1s3
      Copper Contributor
      Mar 23, 2023
      Hello eliekarkafy,

      We do not have the AAD Connect server anymore.

      That's the challenge. I see solutions in this forum with similar suggestions, but the lack of a server to execute the commands is the issue.
      • eliekarkafy's avatar
        eliekarkafy
        MVP
        Mar 23, 2023
        did you try to clear the immutable ID from the users? than delete it and restore it back ?

Resources