Microsoft’s Azure AD Connect is a great tool that allows admins to sync Active Directory credentials from local domain environments with Microsoft’s cloud (Azure/Office 365), eliminating the need for users to maintain separate passwords for each.

While not a common occurrence, there may be reasons that you would need to remove Microsoft’s Azure AD Connect utility from your environment. This can be achieved in a few short steps and involves both removal from the local domain environment as well as deactivating the service in the cloud.

Step 1

Open PowerShell (Run as Administrator).

Step 2

Connect to Azure Active Directory using the following command:

Connect-MsolService

Step 3

Input login credentials

You will be prompted to authenticate. Use the global administrator account within your Office 365 tenant (e.g. user@yourdomain.com) and the corresponding password.

Step 4

Keep this PowerShell instance open; we will use it in later steps.

Step 5

Uninstall the Azure AD Connect application (and services) from your local domain environment using Control Panel.

Step 6

Once you have AD Connect uninstalled, you will still need to disable the service through Office 365. To do so, use the following PowerShell command:

Set-MsolDirSyncEnabled -EnableDirSync $false

You will be prompted to confirm; press Y and then press Enter.

Step 7

To verify that directory sync was fully disabled, use the following PowerShell command:

(Get-MSOLCompanyInformation).DirectorySynchronizationEnabled

A returned value of False will validate the deactivation.

Step 8

Check the status of the users after disconnecting the Azure AD sync:

Get-MsolUser | Select DisplayName, UserPrincipalName, ImmutableId

Step 9

Clear the ImmutableId of a user:

Set-MsolUser -UserPrincipalName users@voorbeeld.com -ImmutableId "$null"

Step 10

Check the sync status:

Get-MsolCompanyInformation | Select-Object DirectorySynchronizationStatus
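
Steps 7 to 10 combined into one script, as an added example that is not part of the original article: it confirms that sync is disabled, saves every user's ImmutableId to a CSV, and clears the values only when run with -Apply. It goes beyond step 9 by covering every user that still has an ImmutableId; the parameter names $BackupPath and $Apply and the CSV file name are assumptions, and the session opened with Connect-MsolService in step 2 must still be active.

```powershell
# Added example: assumes the MSOnline session from Connect-MsolService is still open.
# $BackupPath and $Apply are hypothetical names chosen for this example.
param(
    [string]$BackupPath = ".\immutableid-backup.csv",
    [switch]$Apply   # without -Apply the script only reports what it would change
)

# Refuse to touch users while the tenant still reports directory sync as enabled.
$company = Get-MsolCompanyInformation
if ($company.DirectorySynchronizationEnabled) {
    throw "Directory sync is still enabled; run Set-MsolDirSyncEnabled -EnableDirSync `$false first."
}

# Users that still carry an on-premises anchor (ImmutableId).
$synced = Get-MsolUser -All | Where-Object { $_.ImmutableId }

# Keep a record of the original anchors so the change can be audited or reversed.
$synced | Select-Object DisplayName, UserPrincipalName, ImmutableId |
    Export-Csv -Path $BackupPath -NoTypeInformation -Encoding UTF8

foreach ($user in $synced) {
    if ($Apply) {
        # Same call as step 9: the quoted "$null" passes an empty string.
        Set-MsolUser -UserPrincipalName $user.UserPrincipalName -ImmutableId "$null"
        Write-Output "Cleared ImmutableId for $($user.UserPrincipalName)"
    } else {
        Write-Output "Would clear ImmutableId for $($user.UserPrincipalName)"
    }
}

# Re-query to confirm nothing was missed.
if ($Apply) {
    $left = @(Get-MsolUser -All | Where-Object { $_.ImmutableId })
    Write-Output "Users still holding an ImmutableId: $($left.Count)"
}
```

Run it once without -Apply and review both the output and the CSV before making the change.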

 

Need to Reenable AD Connect?

If you ever need to reenable AD Connect, repeat the PowerShell procedures above and use the following command in place of step 7:

Set-MsolDirSyncEnabled -EnableDirSync $true

Please note that, depending on the size of your AD environment, you may have to wait several hours before Microsoft will allow you to reactivate. You can then reinstall and configure Azure AD Connect in your environment.