Share via

Convert On Prem Ad Connect Synched users to Cloud 365 accounts and retain current password

lydon109 26 Reputation points
2022-05-10T12:36:07.64+00:00

Hi

We have a client that has On-Prem AD that is connected to O365 via AD connect.

We are in the process of migrating away from their server(2016) to the cloud. We have stripped it back to just the user accounts(350+) that we are bringing over, no groups or GPO, etc.

We have the command to pause/stop the Ad connect, and or move the users to a new OU that does not Sync up to the O365 tenant.

But we are not sure about the step to convert the current AD Users to be Cloud Users?
Reading forms, I am seeing that the users move to a deleted user's account and we have to restore them but we need to generate new passwords.
Is there a way to retain their current password?

if you can advise,
thanks in advance

Windows 365 Enterprise
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,386 questions
Accepted answer
  1. AmanpreetSingh-MSFT 56,771 Reputation points
    2022-05-10T14:14:58.38+00:00

    Hi @lydon109 • Thank you for reaching out.

    From your question, I understood that you want to convert the synced users to cloud-only users and retain their existing synced passwords.

    You can use the Set-MsolDirSyncEnabled PowerShell cmdlet as mentioned below, which will convert your synched users to cloud-only, retain the current passwords and stop the synchronization as well. 

    Set-MsolDirSyncEnabled -EnableDirsync $false

    Note: It may take up to 72 hours to complete deactivation once you have disabled DirSync through this cmdlet. The time depends on the number of objects that are in your cloud service subscription account. If the number of objects is less, it may complete within minutes as well. You cannot cancel the disable action. It will need to complete before you can take any other action, including re-enabling of DirSync. If you choose to re-enable DirSync, full synchronization of your synced objects will happen. This may take a considerable time depending on the number of objects in your Active Directory.

    Read more: Turn off directory synchronization for Microsoft 365

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    2 people found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. ESP IT Guy 41 Reputation points
    2025-02-25T22:36:03.4333333+00:00
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.