Disable AD Connect Powershell

Below is a simple process showing how to disable AD Connect using PowerShell. You may need to use PowerShell to do this if your AD Connect server is no longer accessible. (You cannot disable the sync from the Azure Active Directory GUI).

On a machine which has internet access, open Powershell as an administrator. You need to install the MSOnline module if you do not already have it. This can be done by executing the following code:

Install-Module MSOnline

The next step is to connect to your Azure AD Environment with your global administrator credentials

$creds get-credential 

connect-msolservice -credential $creds

Once you have logged in execute the following command to disable AD Connect Sync

Set-MsolDirSyncEnabled –EnableDirSync $false

To confirm you have disabled the sync you can go to https://portal.azure.com navigate to Azure Active Directory > AD Connect and you should see something similar to the below

AD Connect Sync Status
AD Connect Sync Status

You can also run the following Powershell command to find out the sync status. The command will return a value of either True or False

(Get-MSOLCompanyInformation).DirectorySynchronizationEnabled

You have now successfully disabled the sync. I found myself needing to do this on many occasions when I have been setting up a demo lab and deleted the Virtual Machine before I disabled the sync. Thankfully Powershell allowed me to fix this and stop receiving the “Unhealthy Identity Synchronisation” Notifications! You can use the same process above to enable the sync again by changing $false to $true.

Jake Stoker

Jake Stoker

Enteprise Mobility + Security SME

Leave a Reply

Your email address will not be published.