Office 365: What happens when you disable AD Connect?

Sometimes you just wonder what happens when you do something in a system. I wasn’t entirely sure what would if I disabled Active Directory synchronisation so I did it in my lab environment just to see.

Why would you want to do this?

More and more small businesses are decommissioning their old Small Business Servers and replacing them with a NAS box or micro server and SharePoint in 365.  A business of ten PC’s or less may not require Active Directory and as such don’t need a server anymore. In this case you will have to disable any existing synchronisation.

Just one thing to note: If you have an Exchange hybrid configuration, you must home all exchange mailboxes in the cloud and disable the hybrid before starting. If a user has a mailbox in Exchange it WILL NOT AUTOMATICALLY MIGRATE TO 365!

In the 365 portal click Users then Active Users and you will see your accounts have a status of ‘Synched with Active Directory’. To disable this synchronisation click Manage.

Disable AD Connect 1

Click Deactivate to start the process.

Disable AD Connect 2

Here we get warned that the process will take up to 72 hours and during that time we cant make any changes. Click Deactivate Now if you are happy to continue.

Disable AD Connect 3

Now we just wait until this deactivation message disappears.

Disable AD Connect 4

Haray, we have now disabled Active Directory synchronisation, nothing too exciting huh? This is confirmed by checking that the status of all user accounts now show ‘In Cloud’ meaning the accounts are now fully cloud managed.

At this point you will want to go through and delete all of the system accounts and other clutter you don’t need anymore. From here you essentially you have an account which is standalone and no longer knows anything about your on-premises environment.

Disable AD Connect 5

I hope someone finds this useful or even just a little bit interesting!

Author: Ian@SlashAdmin

Share This Post On
468 ad


  1. Just wanted to say thanks for this – you’ve saved me loads of time testing to get the right answer.

    Post a Reply
    • Thanks for taking the time to comment Dave and glad you found it useful.If you encounter any issues let me know.

      Post a Reply
    • Excellent !!!

      Post a Reply
  2. Many thanks, worked a treat!

    Post a Reply
  3. even in 2018 – this post was appreciated

    Post a Reply
  4. Needs to be updated for the new UI. I cannot find the deactivate options.

    Post a Reply
  5. Thanks for the useful post. What happens to users passwords?

    Post a Reply
    • Hi Saif, They stay the same as what they were before. No change.

      Post a Reply
  6. What happens to DL’s and mail enabled security groups that are synced?

    Post a Reply
  7. Can you please answer what happens to distribution lists and mail enabled security groups? Thanks!

    Post a Reply
  8. What will happen to synced DL’s managed by AD/2010? will it also create online objects?

    Post a Reply
  9. SO now we have an issue with our user’s accounts who were part of the Hybrid Config, there is an identity issue when those users log into the workstations, they still appear as a domain user SHELLCU because of a key still containing the on-premise AD environment/domain/controller

    Post a Reply
  10. Did anyone get the answer for the security groups and the DLs ?
    Thank you in advance if anyone has the answer.

    Post a Reply
  11. Hi, in the new 365 environment there is no longer a manage button for active users. Can anyone please tell me how I can deactivate AD Sync ? Thanks very much.

    Post a Reply
  12. Hi, My colleagues are using the domain login the window profile. The account is dir sync to the M365 portal. May I need to change the window profile if I need to destroy the domain and using the M365 email account to log in to the window? Thnaks!

    Post a Reply
  13. For all the guys, looking for the impact of disabling sync on DL’s; the DL’s are also retained, & the status turns to Cloud Only for them as well like the Users. 🙂

    Post a Reply

Submit a Comment

Your email address will not be published. Required fields are marked *