Microsoft Azure AD Connect is a hybrid connection tool for sync the local on-premise environment domain controller sync with Microsoft Azure Cloud (Azure/Office 365) single sign-on (SSO) user to connect both cloud and on-premise application and Administrator to manage the user credentials with the same password.
For decommission or upgrading the local environment, Azure AD Connect would need to remove properly. The below steps for deactivating the service from the cloud and on-premise.
Open PowerShell (Run as Administrator).
Install the Microsoft Online module for Azure Active Directory using the following command:
Install-Module -Name MSonline
If prompted to continue, input “Y” and press enter. Any subsequent confirmations can be accepted by inputting “A” for “Yes to All” and pressing Enter.
Run the following command to connect to the Azure Active Directory of the tenant for which you are disabling AD Sync.
Connect-MsolService
Enter the Global Administrator credentials for Azure AD/Office 365 tenant.
Disable the Directory Sync type below command.
Set-MsolDirSyncEnabled –EnableDirSync $false
Enter the below command to verify if Dir sync is disabled.
(Get-MSOLCompanyInformation).DirectorySynchronizationEnabled
Open Control panel in the local AAD connect server and uninstall Microsoft Azure AD Connect.
Remove from Local AD below.
- Remove service account created by AAD connect from AD. Check Users container for an account like MSOL_GUID. Description of the service account has the name of the AAD connect server for identification.
- Remove the local AAD groups created by AAD installation, if you are not planning to install AAD connect again. If you have installed AAD connect on a DC, these will be AD group. Keep them for other AAD connect installations or if you have or plan to have.
Login to Azure and select Azure Active Directory – Custom Domain Names
Select Domain and Delete
Type the domain name and Select Delete
