Just had to deal with a hybrid Office 365 environment, so on-prem AD was syncing to Office 365 – no writeback.
Over the time that DirSync/AAD Connect has been syncing, OUs have been added and removed. As such, some issues have occurred with contacts and users. We then had issues when OUs were added back, in that contacts and users collided on some data (proxyAddresses).
In some cases we were able to make changes to the objects on-prem, and these then synced in the next run.
However, we had some where the Office 365/Azure AD object had become orphaned. Office 365 thought they were synced with on-prem AD, and as such the GUI (web) interface would not allow us to delete these objects.
This is easy to fix: you just need to connect to Office 365 using PowerShell and remove the object.
Install the PowerShell modules if you don’t have them:
- Install-Module -Name AzureRM -AllowClobber -Force
- Install-Module MSOnline
Connect to Azure/Office 365:
- $credential = Get-Credential
- Connect-MsolService -Credential $credential
- Get-MsolContact -ObjectId fad9c2dd-xxxxx-x-xxxx-x-x-x-x-x-x-x
- Remove-MsolContact -ObjectId fad9c2dd-xxxxx-x-xxxx-x-x-x-x-x-x-x
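
The lookup and removal steps above, wrapped in a function that finds the contact by the colliding address instead of a known ObjectId and saves a copy before deleting it. This is an added example, not code from the original post; the function name `Remove-OrphanedMsolContact`, the backup folder and the sample address are hypothetical, and it assumes `Connect-MsolService` has already been run in the session.

```powershell
# Added example (not from the original post). Requires a session already
# connected with Connect-MsolService. Function name and backup path are hypothetical.
function Remove-OrphanedMsolContact {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        # SMTP address that the on-prem object and the cloud contact collide on
        [Parameter(Mandatory = $true)]
        [string]$Address,

        # Folder that receives an XML copy of each contact before it is deleted
        [string]$BackupPath = (Join-Path $env:TEMP 'msol-contact-backup')
    )

    # proxyAddresses values carry a type prefix (SMTP:/smtp:); strip it before comparing.
    # -replace and -contains are both case-insensitive.
    $wanted = $Address -replace '^smtp:', ''

    $found = @(Get-MsolContact -All | Where-Object {
        $all = @($_.EmailAddress) + @($_.ProxyAddresses) | Where-Object { $_ }
        ($all -replace '^smtp:', '') -contains $wanted
    })

    if ($found.Count -eq 0) {
        Write-Warning "No cloud contact carries $wanted."
        return
    }

    if (-not (Test-Path $BackupPath)) {
        New-Item -ItemType Directory -Path $BackupPath | Out-Null
    }

    foreach ($contact in $found) {
        # LastDirSyncTime is populated on objects that have been directory-synced
        $state = if ($contact.LastDirSyncTime) { "synced, last $($contact.LastDirSyncTime)" } else { 'cloud-only' }
        $label = "$($contact.DisplayName) <$($contact.EmailAddress)> [$state] $($contact.ObjectId)"

        # -WhatIf previews the target; otherwise the caller is prompted per object
        if ($PSCmdlet.ShouldProcess($label, 'Remove-MsolContact')) {
            # Keep a record of every attribute before the object is removed
            $contact | Export-Clixml -Path (Join-Path $BackupPath "$($contact.ObjectId).xml")
            Remove-MsolContact -ObjectId $contact.ObjectId -Force
            Write-Output "Removed $label"
        }
    }
}

# Preview first, then run for real (constructed sample address):
# Remove-OrphanedMsolContact -Address 'user@example.com' -WhatIf
# Remove-OrphanedMsolContact -Address 'user@example.com'
```

Running with `-WhatIf` first shows the display name, sync state and ObjectId of every match, so the object can be checked against on-prem AD before anything is deleted.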
To remove an out-of-sync wooting double movement Office 365 user or contact, use PowerShell to run the Remove-MsolUser or Remove-MailContact command for the affected object.