Monday, July 4, 2016

Deleting an old AAD Connect Service account

Just a little tidbit that had me confused for a second. You can not delete an AAD Connect service account from the tenant portal, you have to do it from within Azure AD. Im sure there is also a method to do this from the shell as well. 

A normal AAD Connect service account will look like this



You can tell which one is the new one because the account is always made with the server name after the Sync_ in this case this account is tied to DC01 from within my org.

You also can no longer disable AAD Connect from the new portal from within the GUI. The new portal requires you to connect via Powershell and run

Set-MsolDirSyncEnabled –EnableDirSync $false