AADconnect Deleting User accounts after Password change

Recently we had an issue where a Office 365 Hybrid Environment where a local user would reset their expired Local Password and the ADDconnect service would disconnect the user and delete the Mailbox and User account. We could restore the Mailbox from deleted Users in the Admin Panel however it was only restoring “In Cloud” rather than “Synced with Active Directory”

I checked the ImmutableId for the User in 365

Get-MSOLUser -UserPrincipalName user@domain.com |flGet-ADUser -Filter {UserPrincipalName -like user@domain.com } -Properties ObjectGUID | select ObjectGUID

which is the unique value AADconnect uses to sync between on-premise and 365 and it was the same.

Running through the ADDconnect “Customize Synchronisation Options” showed the AD group created for selective Users to be Synced had been moved to a different OU and it could not reference this anymore.

Fixing the OU location of the Group resolving this fixed the accounts back to 


VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: delete, ImmutableId, InCloud, password reset, Synced with Active Directory

Trackback from your site.