Forum Discussion
how to sever connection between 365 & AD
so we are trying to tidy up our AD (on prem) which is currently fully synched to our 365 cloud. I want a user gone, but we want to keep their mailbox as a shared one, so I deleted their AD account, ...
The "correct" (and only supported) method would be to disable dirsync, make the changes (i.e. exclude the user from sync), and re-enable dirsync. What you did does the job, but it's an unsupported workaround.
Do you need "live" access to data within this mailbox? If you only need to keep it for compliance/retention purposes, consider using Inactive mailboxes instead: https://learn.microsoft.com/en-us/purview/inactive-mailboxes-in-office-365
Do you need "live" access to data within this mailbox? If you only need to keep it for compliance/retention purposes, consider using Inactive mailboxes instead: https://learn.microsoft.com/en-us/purview/inactive-mailboxes-in-office-365
hi, i couldn't see a simple way of disabling dir sync, unless i go in there untick the relevant boxes, resync, retick, resync - is that correct?
if i do that would it leave the 365 account there and what would happen when i turn dir sync back, what's to stop it from resyncing it self?
- Sorry, I wasn't descriptive enough above. Once you disable dirsync, you can update the ImmutableID property of the user in M365, so it no longer "matches" against any on-premises object. You can actually do the same in the "workaround" scenario, if you are not bothered by the "unsupported" part of it.
- ok, i have removed the immutableid from the object and will see what happens with that, thx
