Object deletions aren't synchronized to Azure AD when using the Azure Active Directory Sync tool

PROBLEM

Consider the following scenario:
  • You have an on-premises Active Directory object.
  • Directory synchronization is used to sync the Active Directory object to Microsoft Azure Active Directory (Azure AD). This creates a linked object.
  • You delete the on-premises Active Directory object.
In this scenario, the linked object isn't removed from Azure AD.

CAUSE

This issue may occur if one of the following conditions is true:
  • Directory synchronization hasn't yet occurred.
  • Directory synchronization unexpectedly failed to delete a specific cloud object, which results in an orphaned Azure AD object.

SOLUTION

To fix this issue, follow these steps:
  1. Force directory synchronization. For more info about how to do this, go to the following Microsoft website:

  2. Check that directory synchronization occurred correctly. For more info about how to do this, go to the following Microsoft website:

  3. If sync is working correctly but the Active Directory object deletion is still not propagated to Azure AD, you can manually remove the orphaned object by using one of the following Azure Active Directory Module for Windows PowerShell cmdlets:
    Remove-MsolContact

    Remove-MsolGroup

    Remove-MsolUser
    For example, to manually remove orphaned user ID john.smith@contoso.com that was originally created by using directory synchronization, you would run the following cmdlet:

    Remove-MsolUser -UserPrincipalName John.Smith@Contoso.com
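
Before removing anything by hand, it helps to confirm which synchronized cloud users no longer have an on-premises counterpart. The following is an added example, not part of the original article or Microsoft's code. It assumes the MSOnline and ActiveDirectory modules are installed, a single on-premises domain, and that the sync source anchor (ImmutableId) is the Base64-encoded objectGUID; the output file name is a placeholder.

```powershell
# Added example: list synchronized Azure AD users with no matching on-premises user.
# Assumptions: single AD domain; ImmutableId = Base64(objectGUID).
Import-Module MSOnline, ActiveDirectory
Connect-MsolService

# Collect the source anchor of every user that still exists on-premises.
# HashSet[string] compares ordinally, which matters because Base64 is case-sensitive.
$onPremAnchors = New-Object 'System.Collections.Generic.HashSet[string]'
Get-ADUser -Filter * | ForEach-Object {
    $anchor = [Convert]::ToBase64String($_.ObjectGUID.ToByteArray())
    [void]$onPremAnchors.Add($anchor)
}

# If the on-premises query returned nothing, every cloud user would look orphaned.
if ($onPremAnchors.Count -eq 0) {
    throw 'No on-premises users were read; refusing to compare.'
}

# Synchronized cloud users whose anchor matches no on-premises user.
$orphans = Get-MsolUser -All -Synchronized | Where-Object {
    $_.ImmutableId -and -not $onPremAnchors.Contains($_.ImmutableId)
} | Select-Object UserPrincipalName, ImmutableId, LastDirSyncTime, BlockCredential

# Keep a record of what was found before changing anything.
$orphans | Export-Csv -Path .\orphaned-cloud-users.csv -NoTypeInformation
$orphans | Format-Table -AutoSize

# Remove reviewed entries one at a time. -Force is omitted on purpose so that
# Remove-MsolUser asks for confirmation on each account.
foreach ($user in $orphans) {
    Remove-MsolUser -UserPrincipalName $user.UserPrincipalName
}
```

An account that appears in this list can still sign in to cloud services until it is removed, so check BlockCredential and LastDirSyncTime when deciding which entries to handle first.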

MORE INFORMATION

Still need help? Go to Microsoft Community or the Azure Active Directory Forums website.
Properties

Article ID: 2709902 – Last revised: 28.12.2016 – Revision: 1

Microsoft Azure Cloud Services, Microsoft Azure Active Directory, Office 365, Microsoft Intune, CRM Online via Office 365 E Plans, Microsoft Azure Recovery Services, Office 365 Identity Management
