HOW TO - Properly remove Entra AD Connect




Synopsis: Outlines the steps to properly remove Entra Connect

Intro: There are some additional steps required to 'neatly' clean up the Entra Connect ( Formerly Azure AD Connect.) These steps are listed below.

Quick Run Down:

1.) Audit Current Environment

2.) Uninstall Application from Server

3.) Use Powershell to turn off directory Sync from the O365 Tenant

4.) Remove Sync Service from Entra


 1.) Audit Current Environment 

For a sanity check of successful removal, you can note the ratio of current user objects in Azure AD, and number of current users syncing from on-prem.  

This can be found easily by filtering the users list by ‘On-premises sync’ :  

 

 

 

 

 

 

  1. 2.) Uninstall Application from server 

 

  1. Log into the Domain Controller you wish to remove AAD sync from 

  1. Navigate to Add/Remove Programs in the control panel, or open Appwiz.cpl 

  1. Locate ‘Microsoft Azure AD Connect 
     

  1. Select Uninstall 

  1. A new screen asks which components to remove. Select all unless you are aware the additional services are needed elsewhere.  
    Graphical user interface, text, application Description automatically generated 

  1. Hit “Remove”  

  1. Wait for the uninstaller to finish. 

 

 

3.) Use PowerShell to turn off Directory Sync from the O365 / Azure Tenant 

 

  1. Download & Install the Microsoft Azure Active Directory Module for Powershell 

  1. Open Powershell 

  1. Run Connect-MSOLService' | Sign in with the clients 365 creds 

  1. Run ‘Set-MsolDirSyncEnabled -EnableDirSync $false’ | Select Y (Default) to confirm




4.) Remove service from Entra AD


  2. Log into 365 Admin, navigate to Entra ID 

  1. Navigate to Entra Connect Health 

  1. Click on "Sync Services" and then click on the Service Name: 
    Click on the Domain Controller you've decommissioned and then click "Delete": 


OPTIONAL:

Head back to Entra Connect Health, click on Sync Errors and then click on "Notifications Settings": 

 

 

... 

  1. Click "Off" and then click "Save": 

 

 

Verify Success: 

 

1. In Entra AD, refresh the ‘On-Premises-Synced' Users list and confirm no users are listed. All user objects should convert, and the total user count noted in the earlier audit is the same. 

 

2. Review the ‘Deleted Users’ section in Azure AD. Verify no cloud objects were lost in translation. 

 

3. Review the ‘Deleted Groups’ section in Azure AD. Verify no group objects were lost in translation. 

Comments

Post a Comment

Popular posts from this blog

HOW TO - Deploy HP Universal Print Driver w/ Intune

Image
  synopsis: Deploying HP Printers with HP Universal Print Driver via Intune - .win32 app using a customized HP Driver package Intro:    There is much documentation on the process to deploy .inf driver packages through Intune. The HP Universal Print Driver offers some nuances as it's packaged for every printer type. Not every .inf files that is installed is needed. This article outlines the process of creating a custom HP driver with HP PARK. (Print Administrator Resource Kit.) This driver kit lets you package the .inf, along with the printer information required for deployment. Ie; Name, PrinterPort, and IPAddress. This article focuses on the HP Park tool, and assumes familiarity with Intune app deployments. Quick Run Down: 1.) Grab the Driver Package, and HP Park Software. 2.) Use HP Park to create an '.exe' package.           3.) Use the Intune Content Prep Tool to package into a .win32 app          ...
Read more

Launch Day - Setting up a custom URL for a Blogger

Image
Building* this damn thing.     * Configuring DNS synopsis: Setting up a custom URL for a Blogger using GoDaddy and Cloudflare. Intro:      This webpage is hosted by Blogger (Google), and it comes prebuilt with a "www.mehatecomputer.blogger.com" URL. Configuring this webpage to use a custom URL requires additional configuration within your DNS provider. Which may require additional configuration with your Domain Registrar. This article will focus on the steps required for DNS configuration. Quick Run Down: 1.) Acquire the 'Domain' 2.) Create the 'WebSite' 3.) Configure DNS 4.) Geo Block any IP address from India Tech Stack and Cost: Registrar : GoDaddy > Domain + Domain Protection    $25.00 Annual DNS Provider: Cloudflare > Free Plan                                $00.00 Free   WebSiteHost: Blogger > Free            ...
Read more

HOW TO - Open SharePoint Resource in New Tabs w/ Column Formats

Image
  Synopsis: Explore options for using custom column formatting to open SharePoint list items in new tabs. Intro : I received the following question; "Is there a setting to force SharePoint Online document sets to open in a new tab?" The customer wanted to replicate the experience when pressing a widget button, that opens in a new tab. But document libraries and list don't really have those options. I've created some 'fancy' things in the past using custom formatting to create hyperlinks. I wanted to take that a step further by adding instructions to force those hyperlinks to open in a new tab.   Quick Run Down: 1.) Forcing a new tab to open when using a hyperlink 2.) Generating a specific hyperlink from the resource 3.) Formatting the column to do what we want. (Failed attempt.) 4.) Creating a new column to do what we want. (Success.) Tech Stack: SharePoint Online PowerShell ISE ( For configuring the JSON, any IDE will be better...
Read more