![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 84%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
1,978 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 40%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDR%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 72%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJG%3C/text%3E%3C/svg%3E)
Hi @James Burroughs @Dunsin Raymond , please see this solution and let me know if it works for you
- Ensure that you don't have any users that don't require the synchronization, specifically make sure that your users understand their Azure AD/Office365 user accounts will no longer be linked. If a user's password is changed on-prem it won't be the same as the one they use to login into Office365 anymore and vice versa. I am referring to the account used to log into computers in your on-prem environment, logging into Office365 applications such as Outlook for desktop require the user to enter their Azure AD/Office365 credentials.
- While I don't expect any problems to occur when turning off synchronization make sure you that you have a "Global Administrator" in your Azure AD tenant to ensure you retain administrator permissions before proceed with disabling synchronization. A Global Administrator account has full admin permissions in the Azure AD portal and the Office365 portal. Once you're sure you have access through your existing admin accounts feel free to delete the newly created Global Administrator account if you feel you no longer need it.
- Create new user in Azure AD: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/add-users-azure-active-directory
- Assign Roles to user accounts (you'll want to select "Global Administrator": https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-users-assign-role-azure-portal
- After that you'll want to log into a Windows 10 machine, a Windows Server 2016, or Windows Server 2019 machine that you have admin permissions on and run the following commands in a PowerShell session:
- Install-Module MSOnline
- say yes to the installation prompts that appear
- this will install the MSOL module that's needed to disable synchronization for your Azure/Office365 tenant
- Import-Module MSOnline
- modules are usually imported into a powershell session when installed but they sometimes don't, this will ensure that the MSOL module commands will be available to use in the current PowerShell session
- Connect-Msolservice
- When prompted to login use any Global Administrator account that exists in your Azure AD tenant
- Please make sure you have reviewed the precautions I've written above before proceeding
- Set-MsolDirSyncEnabled -EnableDirSync $false
- this will disable synchronization to your Azure AD/Office365 tenant
- If you go into your Azure AD tenant afterwards you should see the "Source" attribute of your users change from "Windows Server AD" to "Azure Active Directory" when viewed in the Azure portal. This shouldn't take long as you have a small number of users but it can take a few hours up to 48 but again, I don't expect it will take that long.
- You had mentioned that you only need to use Office365 for now which was why you were deleting user accounts in the Azure AD portal, if that's the case you should be OK to leave the Azure AD portal alone until you're ready to use it again. However, please note that deleting user accounts in the Azure AD portal will also remove the same user from the Office365 portal and will also remove any licenses from the user account such as Exchange Online. The Azure AD portal (portal.azure.com) and the Office365 (portal.office.com) use the same user database and are linked together by design.
- After you've run the above command make sure to uninstall Azure AD Connect from any servers you may have installed the software on as they will begin to report errors once you've disabled synchronization.
Please let me know if this works or if you need any more assistance.
If this answer helped you please mark it as "Verified" so other users may reference it.
Thank you,
James