This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 11%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERN%3C/text%3E%3C/svg%3E)
Azure AD Connect stale object cleanup
Hi all, we recently migrated from old onprem AD to new onprem AD. We had Azure AD Connect sync in the old domain. We disabled it, cleared immutableid on cloud identities and configured sync on the new onprem AD domain. We did not enable sync of all identities at once on the new domain, but rather doing it stages. And then somebody turned on sync on the old domain again, so that some mail enabled security groups and user objects became synchronized again, but with the old domain. Then the old domain was disconnected from the network. Now some of the objects cannot be soft-matched or edited, because they are linked to the old domain. We no longer have access to the old domain and cannot decomission the old AAD Connect properly. How can we remove the link between AAD users/groups and the old domain? Regards- Ruslan
I'd open a ticket with Azure support.
Is Azure support included with Office365 subscribtion ?