Go from 365 hybrid to Cloud Only

Freppys 96 Reputation points

I have a office 365 tenant with AD Sync activated which means password synchronization as well. And also some cloud only mailboxes created beside.

Right now when I need to do some changes to users or shared mailboxes I need to change attributes on the AD server.
I would like to instead of doing that go full cloud only so I can manage everything from the portal.

How do I proceed?

I have found the Powershell script to run: Set-MsolDirSyncEnabled -EnableDirSync $false to go cloud only. Is this just the way to do it or is there any more steps?

But is that it? Will the users see any affects if I do it, do I need to prepare anything for it?
Will it keep the users password it had before I run the script?


Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,565 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. AmanpreetSingh-MSFT 56,506 Reputation points

    @Freppys , If you have Password Hash Sync (PHS) enabled, users will directly authenticate from Azure AD and you don't need to perform any additional steps. If you are using Federated or Pass-Through authentication, you would need to first configure PHS. You can then use Set-MsolDirSyncEnabled -EnableDirSync $false cmdlet. After you run this cmdlet, the accounts can be managed directly in cloud.


    Please "Accept as answer" wherever the information provided helps you to help others in the community.

    2 people found this answer helpful.
    0 comments No comments

  2. Vasil Michev 100.1K Reputation points MVP
    0 comments No comments