![]() You should now be able to go back to your Office 365 portal and see the user again, showing as an In Cloud only account.Run Restore-MsolUser -UserPrincipalName will restore the user account.Run the command Get-MsolUser -ReturnDeletedUsers. This will return the list of recently deleted mailboxes, you should see the account we are converting here.If you don’t already have this installed, see Microsoft’s documentation on how to get it configured here. Connect to your Office 365 tenant using the Microsoft Azure Active Directory Module for PowerShell.Complete the next part to restore the account in Office 365. Don’t panic! No data will be lost, as Office 365 retains deleted/unlicensed account data for 30 days. Doing so will cause the account to be deleted from Office 365. Now that we have our OU created that is not syncing, we can move the account we want to un-sync to it and force a sync. The next steps should be coordinated with the user of the synced account, as they will temporarily lose access to their email during this part. ![]() Find the newly created OU from the list of containers and un-select it, this will prevent the contents of the OU form being synced to Office 365.Go to Configure Directory Partitions and select the Containers… button. You’ll need to re-authenticate with the account being used to authenticate AAD Connect with AD.Go to the Connectors tab and launch the properties of the connector for Active Directory Domain Services.Launch the Synchronization Server Manager from the server that AAD Connect is installed on.Create the OU that will contain unsynced accounts.The first step you will want to take to break the accounts sync is create an OU that is not being synced via AAD Connect. One use case for doing this is when a user moves to a limited role and needs to continue accessing their email but does not need access to any other network resources. If you are using an on-premise domain environment along side Office 365, and you are not syncing between the two already, I highly recommended doing so! This article is for those who are using AAD Connect already and run into a situation where it makes more sense to have an account that was previously syncing to Office 365 from Active Directory, instead be a cloud only account. Azure Active Directory Connect sync is a great tool.
0 Comments
Leave a Reply. |