AADC syncing disabled user flags

Anonymous
2017-09-28T15:45:16+00:00

Hi 

If we disable a user in Active Directory on prem, should this then change the user to blocked sign-in within the Office 365 portal? I manage multiple clients and this works; however, for one of our clients (I didn't install the AADC) this is not working. Could they have created some strange rule to not sync this flag?

Thanks

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

28 answers

  1. Anonymous
    2017-11-07T12:29:27+00:00

    Hi Jack,

    Thanks for the updates.

    I will consult our relevant team and let you know once I get any updates.

    Regards,

    Robert

  2. Anonymous
    2017-09-29T07:52:50+00:00

    Thanks Robert, I'm aware of this one, but I was looking to see whether, when disabling a user, it syncs the disabled state without the need to remove the user.

  3. Anonymous
    2017-09-29T07:23:58+00:00

    Hi Jack,

    If you don't want the disabled users to sign into Office 365, you can block them from syncing to Office 365.

    Here are the detailed steps to do it:

    https://blogs.msdn.microsoft.com/vilath/2016/03/02/how-to-block-disabled-user-accounts-from-syncing-with-azure-ad-connect/

    Regards,

    Robert

  4. Anonymous
    2017-09-28T21:23:57+00:00

    Hi Barry

    Thanks for the reply.

    I meant a previous IT technician installed AADC before I took over support. Anyway, perhaps I'm not explaining it very well. I'll try again below:

    Imagine I have a user on premise, for example ******@vanitydomain.com. This user is synced to 365; they leave the company and I disable the on-premise AD account. I then force or wait for a sync cycle to run. I would then expect the Office 365 account to be blocked from sign-in, as the on-premise account has been disabled. However, this is not happening; we can still sign in to Office 365.

    Hopefully that helps explain what I mean, but let me know if not and I can share more info.

    Thanks 

    Jack

  5. Anonymous
    2017-09-28T21:14:57+00:00

    Hi JackFisher,

    What do you mean by “I didn’t install the AADC”? Do you mean that this affected user account suffix doesn’t match one of the verified customer domains in Azure AD? Here is an article about Azure AD Connect for your reference: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-design-concepts

    Meanwhile, please give us some screenshots of “one of our clients is not working” for a better understanding. Your cooperation is highly appreciated.

    Thanks,

    Barry
