Object deletions aren't synchronized to Azure AD when using the Azure Active Directory Sync tool
Original product version: Cloud Services (Web roles/Worker roles), Azure Active Directory, Microsoft Intune, Azure Backup, Office 365 Identity Management
Original KB number: 2709902
Symptoms
Consider the following scenario:
- You have an on-premises Active Directory object.
- Directory synchronization is used to sync the Active Directory object to Microsoft Azure Active Directory (Azure AD). This creates a linked object.
- You delete the on-premises Active Directory object.
In this scenario, the linked object isn't removed from Azure AD.
Cause
This issue may occur if one of the following conditions is true:
- Directory synchronization hasn't yet occurred.
- Directory synchronization unexpectedly failed to delete a specific cloud object and results in an orphaned Azure AD object.
Resolution
To fix this issue, follow these steps:
Force directory synchronization. For more information about how to do this, see Force directory synchronization.
Check that directory synchronization occurred correctly. For more information about how to do this, see Verify directory synchronization.
If sync is working correctly but the Active Directory object deletion is still not propagated to Azure AD, you can manually remove the orphaned object by using one of the following Azure Active Directory Module for Windows PowerShell cmdlets:
Remove-MsolContactRemove-MsolGroupRemove-MsolUserFor example, to manually remove orphaned user ID
john.smith@contoso.comthat was originally created by using directory synchronization, you would run the following cmdlet:Remove-MsolUser -UserPrincipalName John.Smith@Contoso.com
More information
Still need help? Go to Microsoft Community or the Azure Active Directory Forums website.