Hi Unisys,
Nick, thank you for your post. I have carefully compared your screenshots with my settings. "Users" checkbox was ticked in "Sync by domain" part. I have corrected it. I have enforced sync for all enabled Applications, still no luck... unwanted users are still listed in O365 Portal. I am going to give it some time and check if it automatically removes those unwanted users.
If it does not work I would like to let Centrify "take over" and then deprovision unwanted accounts. Where should I satrt?
Thank you, I hope to get advice from you again.
Ok, so since the users were put there by the "Sync by domain" checkbox, unchecking the box will not remove the users from O365. And since they are not going to be licensed, we can't really "deprovision" them.
However, what we can do is use powershell to remove the users. This is a relatively easy thing to do.
We tell powershell to look for all unlicensed users, and then delete them. Simple right?
First, Install the Microsoft Online Services Module for Windows PowerShell
Then, let's retreive admin creds for O365:
- $msolcred = Get-Credential
Then, let's connect to O365:
- Connect-MsolService -credential $msolcred
Now, let's remove all unlicensed users:
- Get-MsolUser -All | Where-Object {$_.isLicenced -ne "true"}| Remove-MsolUser
The above command will prompt you to confirm that you'd like to delete the user in question per-user. If you'd like to avoid the confimation prompt, please use the below command:
- Get-MsolUser -all | Where-Object {$_.isLicensed -ne "true"}| Remove-MsolUser -Force
If you have further questions, feel free to respond here or DM me directly.
-Nick