Convert all onpremise users AD to Cloud only without resetting password

Question

Hello everyone

I have several hybrid users accounts in AD (synced to Azure).

I want to convert all accounts to full azure.

I'm able to do it if I delete the account in AD, launch the synchro, restore the account in "Deleted Users" but I have to reset password while I restore it from

How to do for all users without resetting theirs passwords ?

Thanks for your advices.Y

Answer 1

Simply disable directory synchronization, it will convert all users to cloud-only, without affecting their password. This is the only supported solution in fact. The method you outlined above is a workaround that has never been supported by Microsoft. But if you do plan to use it, simply recover the users via PowerShell or the Graph API - the change password part is something the portal is forcing you to do.

Answer 2

Hi @Yannick

When you deleted synced users from Entra ID and restored , it will stay synced and it cannot be modified from Entra ID.

In you case you have to disable directory synchronization as mentioned in this link : Turn off directory synchronization

When you disable directory synchronization , all synced users will be converted to cloud only accounts.

Regarding the user password , if you password syncis already enable , in this case the user will reuse same password in AD. If it's not the case , you can reset it if it's unknown.

---

Please don't forget to accept helpful answer

---