Deactivate directory synchronization
Published: March 7, 2013
Updated: February 20, 2014
Applies To: Office 365, Windows Azure, Windows Intune
If you want to manage objects in Windows Azure AD, and you no longer want to use directory synchronization, you can deactivate it. Deactivating directory synchronization effects email migration, identity management, and single sign-on functionality. In some scenarios, reactivating directory synchronization can overwrite objects that have been previously synced to the cloud. Therefore, before you toggle directory synchronization activation, be sure to read Directory synchronization and source of authority.
To deactivate directory synchronization, use the procedure below that is most appropriate for your needs.
Depending on which portal you are using, do one of the following:
If you are using the Office 365 or Windows Intune account portal, click Users, click Set up next to Active Directory synchronization, and then proceed to the next step.
If you are using the Windows Azure Management Portal, click Active Directory, click on your directory showing on the Enterprise Directory page, click Directory Integration, and then proceed to the next step.
If you are using the Windows Azure AD Preview Portal, in the left pane, click Integration, click Deploy directory sync, and then proceed to the next step.
- If you are using the Office 365 or Windows Intune account portal, click Users, click Set up next to Active Directory synchronization, and then proceed to the next step.
Click Deactivate, depending on the state you want to set for directory synchronization.
Install and run the Windows Azure Active Directory Module for Windows PowerShell. For more information, see Use Windows PowerShell cmdlets to manage your Windows Azure AD tenant.
Run the following cmdlet:
Set-MsolDirSyncEnabled –EnableDirSync $false
To verify that directory synchronization was deactivated, run the following cmdlet:
When this cmdlet returns False, directory synchronization has been disabled. It may take 72 hours for deactivation to be completed. The duration depends on the number of objects that are in your Windows Azure AD tenant.