Wednesday , October 16 2019

Azure Active Directory Sync – Choose Specific OUs

Most Common Mistakes. On First Run – Admins – Run Azure Active Directory Sync and Choosing the whole domain/directory to sync.

And later realize they sync so much garbage accounts to Cloud.

Lets see how to cleanup this mess.

Open Azure Active Directory PowerShell.

Set-ADSyncScheduler –SyncCycleEnabled $False


Open Azure Synchronization Service Manager.

Right Click Properties.


Choose Containers –


Choose the OUs you need who has users and groups and computers which are running windows 10 to leverage azure feature sets


Now run a Full Import


Now you can see the Deletes –


if you see below error


Disable (Prevents accidental deletes) – Temporarily. use below command



Enabled it back (Prevents accidental deletes)


Enable Sync Scheduler Back.

Set-ADSyncScheduler –SyncCycleEnabled $True

About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Check Also

Save Public IPs using F5 LTM Policies

F5 has different modules and one of them is LTM – Local Traffic Manager . ...

Leave a Reply

Your email address will not be published.