Object deletions aren't synchronized to Azure AD when using the Azure Active Directory Sync tool
Original product version: Cloud Services (Web roles/Worker roles), Azure Active Directory, Microsoft Intune, Azure Backup, Office 365 Identity Management
Original KB number: 2709902
Symptoms
Consider the following scenario:
- You have an on-premises Active Directory object.
- Directory synchronization is used to sync the Active Directory object to Microsoft Azure Active Directory (Azure AD). It creates a linked object.
- You delete the on-premises Active Directory object.
In this scenario, the linked object isn't removed from Azure AD.
Cause
This issue may occur if one of the following conditions is true:
- Directory synchronization hasn't yet occurred.
- Directory synchronization unexpectedly failed to delete a specific cloud object and results in an orphaned Azure AD object.
Resolution
To fix this issue, follow these steps:
Check that directory synchronization occurred correctly. For more information, see Verify directory synchronization.
If sync is working correctly but the Active Directory object deletion is still not propagated to Azure AD, manually remove the orphaned object. To do so, use one of the following cmdlets in Azure Active Directory Module for Windows PowerShell:
Remove-MsolContactRemove-MsolGroupRemove-MsolUserFor example, to manually remove orphaned user ID
john.smith@contoso.comthat was originally created by using directory synchronization, you would run the following cmdlet:Remove-MsolUser -UserPrincipalName John.Smith@Contoso.com
Contact us for help
If you have questions or need help, create a support request, or ask Azure community support.
Feedback
Submit and view feedback for