Thank you for posting your query on Microsoft Q&A. In order to move your environment to the cloud, kindly follow "Transition to the cloud".
When you plan your migration to Azure AD, consider migrating the apps that use modern authentication protocols (such as SAML and OpenID Connect) first. You can reconfigure these apps to authenticate with Azure AD either via a built-in connector from the Azure App Gallery or via registration in Azure AD.
After you move SaaS applications that were federated to Azure AD, there are a few steps to decommission the on-premises federation system:
Move application authentication to Azure Active Directory
Migrate from Azure AD Multi-Factor Authentication Server to Azure AD Multi-Factor Authentication
Migrate from federation to cloud authentication
Move remote access to internal applications, if you're using Azure AD Application Proxy
If you're using other features, verify that those services are relocated before you decommission Active Directory Federation Services.
Once done, the only option is to disable DirSync for the entire tenant by using the same command as mentioned below.
Set-MsolDirSyncEnabled -EnableDirsync $False
If you go into Azure AD Connect and, under Domain and OU filtering, uncheck a group, this will delete the group from Azure AD as well. This approach will not suit your requirement.
Please do let me know if you have any further queries.
Thanks,
Akshay kaushik
Please "Accept the answer" (Yes), and share your feedback if the suggestion answers your query. This will help us and others in the community as well.
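
The following pre-flight check is an added example, not part of the original answer. It confirms that no domain is still federated and shows how many users are synchronized before running the tenant-wide command quoted above. It assumes the MSOnline module is installed and that the sign-in has sufficient tenant privileges.

```powershell
#Requires -Modules MSOnline
# Added example (not from the original answer): guard around the tenant-wide
# Set-MsolDirSyncEnabled call so it only runs once federation is gone.
[CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
param()

Connect-MsolService

# 1. Is directory synchronization enabled at all?
$company = Get-MsolCompanyInformation
if (-not $company.DirectorySynchronizationEnabled) {
    Write-Host 'Directory synchronization is already disabled; nothing to do.'
    return
}

# 2. A domain that is still federated means sign-in still depends on AD FS.
$federated = @(Get-MsolDomain | Where-Object { $_.Authentication -eq 'Federated' })
if ($federated.Count -gt 0) {
    Write-Warning ('Domains still federated: ' + ($federated.Name -join ', '))
    Write-Warning 'Migrate these to cloud authentication before disabling sync.'
    return
}

# 3. Show the scope of the change: every synchronized user is affected.
$synced = @(Get-MsolUser -All -Synchronized)
Write-Host ("Synchronized users affected: {0}" -f $synced.Count)

# 4. Disable sync for the whole tenant, with an explicit confirmation prompt.
$action = 'Disable directory synchronization for the entire tenant'
if ($PSCmdlet.ShouldProcess($company.DisplayName, $action)) {
    Set-MsolDirSyncEnabled -EnableDirSync $false -Force
    # Read the flag back so the outcome is recorded in the session output.
    (Get-MsolCompanyInformation).DirectorySynchronizationEnabled
}
```

Running the script with `-WhatIf` performs the checks and reports what would be changed without disabling synchronization.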