Decommissioning Azure AD Connect

Steps to disable AD Sync, remove AAD connect, and move to cloud-only administration.

1. Run PowerShell as an Administrator

2. Install the AD Sync PowerShell module by running the following command:

Install-Module MSOnline

3. Run the following command to connect to the Azure Active Directory of the tenant for which you are disabling AD Sync.

Connect-MsolService

4. Enter the Global Admin credentials for Azure AD/Office 365 tenant.

5. Run the following command to disable the Directory Sync.

Set-MsolDirSyncEnabled –EnableDirSync $false

6. Run the following command to verify if Dir sync is disabled.

(Get-MSOLCompanyInformation).DirectorySynchronizationEnabled

7. Go to your AAD connect server and uninstall Microsoft Azure AD Connect using Uninstall Program in Control panel.

8. Additional clean-up steps (Optional).

a. Remove the service account created by AAD connect from AD. Check Users container for an account like MSOL_GUID. The description of the service account has the name of the AAD connect server for identification.

b. Remove the local AAD groups created by AAD installation, if you are not planning to install AAD connect again. If you have installed AAD connect on a DC, these will be the AD group. Keep them for other AAD connect installations or if you have or plan to have.