none
Unhealthy Identity synchronization Notification for a deleted domain

    Question

  • Hello,

    a few weeks ago I opended a new Office 365 Test-Account and connected it with one of AADs in my Azure-Tenant.
    In Azure was a Domancontroller with AAD-Connect and a ADFS-Server. I also had two Exchange-Servers with a few Mailboxes.
    This was for an demonstration (PoC) for an Hybrid-Migriation for Exchange 2016 to Office365

    After the Demo and the after the Trial-Period of O365 I deleted the all Users, the Servers and the AAD in my Azure-Tenant.
    I want to use that Domain with my new, MSDN-Office 365 Account because there is no 30 Day Limit.

    Now I get every day a warning mails from MSOnlineServicesTeam@MicrosoftOnline.com because of a syncronisation problem with the old, non existing Domain.

    Thanks for your Help
    Robert



    • Edited by KillRob Wednesday, April 19, 2017 12:08 PM
    Wednesday, April 19, 2017 11:59 AM

All replies

  • The error "Unhealthy Identity Synchronization" means the server running the Azure AD Connect, is not able to  establish the connection between AD (On premise) and Azure AD. You can follow any of the below methods to Stop the Directory Synchronization -

    Method 1:

    Make sure you have turned off "directory sync" in the portal.

    • Navigate to the Azure Management Portal (https://manage.windowsazure.com).
    • Select the Active Directory node on the left pane.
    • Select the Directory you have created.
    • Click on Directory Integration tab and deactivate Directory Sync.

    Method 2:

    1. Install the Azure Active Directory Module for Windows PowerShell. For more info, go to the following Microsoft website:
    Manage Azure AD using Windows PowerShell

    2. Connect to Azure AD by using Windows PowerShell. For more info about how to do this, go to the following Microsoft website:
    Connect to Azure AD

    3. Disable directory synchronization. To do this, type the following cmdlet, and then press Enter:

    Set-MsolDirSyncEnabled –EnableDirSync $false 

    4. Check that directory synchronization was fully disabled by using the Windows PowerShell. To do this, run the following cmdlet periodically:

    (Get-MSOLCompanyInformation).DirectorySynchronizationEnabled 
    This cmdlet will return True or False. Continue to run this cmdlet periodically until it returns False, and then go to the next step.

    Note: It may take upto 72 hours for deactivation to be completed. There is a process in the cloud service environment that computes attribute values. The process must be completed before the objects can be changed by using Windows PowerShell or by using the cloud service portal.
    Thursday, April 20, 2017 8:42 AM
    Moderator
  • Thanks for the Answer!

    You are right, as long as the Server and / or this Directory is available.

    But:

    I have deleted the Server in Azure and I have deleted the Directory. So I can not select this Directory or connect to it via PowerShell :-(


    • Edited by KillRob Thursday, April 20, 2017 8:49 AM
    Thursday, April 20, 2017 8:49 AM
  • Have you removed AAD Connect from the Server (or) re-configured it so that it does not sync to the Domain/Directory ?
    Thursday, April 20, 2017 11:36 AM
    Moderator
  • Hello Again,

    I tested a few things without success.

    I'm sorry to say but all Servers and even the AAD was deleted.
    So I'm not able to configure any settings because there is nothing to configure

    I installed a new Server with AAD-Connect wich syncs the new onPrem AD to a new Tenants AAD. The AAD has an other name because the old is supposedly in use.

    But its impossible to connect to the old AAD --> ist deleted and even it has no Users because they are also deleted...

    Here is a Screenshot of the daly eMail:

    



    • Edited by KillRob Wednesday, April 26, 2017 1:52 PM
    Wednesday, April 26, 2017 1:49 PM
  • We would suggest you to open a Technical Support Ticket on this as it wold require deeper investigation and we would require sensitive information like your Subscription and Tenant Details.
    Thursday, May 4, 2017 12:04 PM
    Moderator
  • Since a few days no more mail about the syncpromlems are send to me.
    This problem seems to be solved by waiting long enough :-)

    Friday, May 5, 2017 11:39 AM