How to Remove Azure AD Connect

I have recently had an example where I have needed to effectively reverse and roll back an environment that was utilising Azure AD Connect.

The reason for this is that I had taken over from an organisation that was midway through migrating its client to O365. However, the long-term plan for the client was to have everything hosted off premise, and therefore they did not want an on-premise Exchange Server in a Hybrid setup, nor, ultimately, further down the line, on-premise Domain Controllers.

Reading into the supported setups from Microsoft, if you do not have a Hybrid Exchange environment then administration of mailboxes should be done via the O365 admin portal. Azure AD Connect forces you to make the amendments in AD for them to then replicate across. You can work round this by using ADSI Edit to edit the SMTP addresses, but this is not a supported scenario and hey, Microsoft could prevent this from working in the future.

I appreciate there are few examples where you would want to deliberately remove Azure AD Connect, but this is one of them.

Step 1
Open PowerShell as an admin

Step 2

Run the following command to install the Microsoft Online module for Azure Active Directory

Install-Module -Name MSOnline

Step 3

Input login credentials by running the following command and entering your credentials

$msolcred = Get-Credential

Step 4

Initiate the connection to Office 365 using the following PowerShell command

Connect-MsolService -Credential $msolcred

Keep the PowerShell window open. It will be needed later

Step 5

Uninstall Azure AD Connect from Add/Remove Programs

Accept the defaults and click Remove

Step 6

Now that we have removed Azure AD Connect, we still need to disable the service through O365. In order to do so, we need to run the following command in the PowerShell window we left open

Set-MsolDirSyncEnabled -EnableDirSync $false



Step 7 

To verify that directory sync was fully disabled, use the following PowerShell command. We should see the response come back as false
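
A read-only check that can follow Step 7, added here as an example and not part of the original post: it reports the tenant's directory sync flag, how many users still carry a sync timestamp, and any sync service accounts left behind in the tenant. It assumes the Connect-MsolService session from Step 4 is still open; the function name Get-DirSyncRemovalReport, the Sync_* UPN pattern and the use of LastDirSyncTime as a "not yet converted" marker are assumptions.

```powershell
# Added example: audit the tenant after Azure AD Connect has been uninstalled.
# Assumes the MSOnline module is loaded and Connect-MsolService has been run.

function Get-DirSyncRemovalReport {
    [CmdletBinding()]
    param()

    # Tenant-level settings. DirectorySynchronizationEnabled should read False
    # once Set-MsolDirSyncEnabled -EnableDirSync $false has taken effect.
    $company = Get-MsolCompanyInformation

    $users = Get-MsolUser -All

    # Assumption: a user that still shows LastDirSyncTime has not yet been
    # converted to a cloud-managed object (the conversion is not instant).
    $stillSynced = @($users | Where-Object { $null -ne $_.LastDirSyncTime })

    # Uninstalling Azure AD Connect does not delete its cloud service account.
    # Assumption: it follows the usual Sync_<server>_<id> UPN naming.
    $syncAccounts = @($users | Where-Object { $_.UserPrincipalName -like 'Sync_*' })

    [pscustomobject]@{
        DirSyncEnabled        = $company.DirectorySynchronizationEnabled
        TenantLastDirSyncTime = $company.LastDirSyncTime
        DirSyncServiceAccount = $company.DirSyncServiceAccount
        UsersStillSynced      = $stillSynced.Count
        SyncAccounts          = $syncAccounts.UserPrincipalName
    }
}

$report = Get-DirSyncRemovalReport
$report | Format-List

if ($report.DirSyncEnabled) {
    Write-Warning 'Directory sync is still enabled at the tenant level.'
}
if ($report.UsersStillSynced -gt 0) {
    Write-Warning "$($report.UsersStillSynced) user(s) still show a LastDirSyncTime."
}
foreach ($upn in $report.SyncAccounts) {
    # A leftover sync account is a standing credential: review, then disable or delete it.
    Write-Warning "Leftover sync service account to review: $upn"
}
```

Nothing in this block changes the tenant, so it can be re-run until the warnings stop appearing.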


Re-enabling Azure AD Connect

If you ever need to re-enable Azure AD Connect, repeat the PowerShell procedures above and use the following command in place of Step 6:

You will then need to reinstall Azure AD Connect

Resources

Thanks to the following blog that helped me out quite a bit on this

Edit

One thing I found after removing Azure AD Connect is that when I created a new user and licensed it with Exchange Online Plan 1, a mailbox was not created in Exchange. Lots of troubleshooting later with Microsoft, I established that the reason for this is that there was an existing Mail Contact in Exchange. Removing this purged the user from Exchange and then allowed us to create one from scratch.

