So, I was in the process of setting up a new VDI farm for a customer, and as we couldn't migrate their forest (easily) it seemed easier to just create everything from scratch and do it right (as this old old old setup was a mess anyway).
All was going well, and during testing / getting ready to go live we enabled passthrough authentication from Azure AD ... had some issues, and tried to disable it / misread an FAQ and uninstalled the passthrough daemon without first running AD Connect to turn on Hash sync ... worse yet, we also removed AD Connect.
So now, we can't log into Azure AD to do anything and the client can't log into their O365 email.
I've been on to AzureSupport and they've said raise a ticket, which I've done, and they also suggested posting here for ideas.
So, any ideas how I can fix this myself? The "break glass" account is missing Azure/AD permissions so I can't unfubar things using that ... in fact we had a hell of a job even getting into that, as the recovery details still point to the guy who originally set the whole thing up, even though we were sure we'd changed them to point to one of our lead engineers.