Unable to edit Users in Azure AD

Yannick71000 21 Reputation points
2022-04-22T10:41:28.1+00:00

Hello,

Following the interruption of our synchronization of our Ad Connect with the "Set-MsolDirSyncEnabled -EnableDirsync $False" cmdet, the modification of Users is still not possible from our Azure AD at this address:

https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/UsersManagementMenuBlade/MsGraphUsers

However, since our teanant M365 everything works, the Users who were on our AD On Premise have moved to the Cloud and therefore modifications are possible:

https://admin.microsoft.com/Adminportal?#/users

Why can't we modify the Users who were synchronized to our AD On Premise from the Azure AD portal?

Thanks for your answers

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,582 questions
0 comments
Accepted answer
  1. Carlos Solís Salazar 16,611 Reputation points
    2022-04-22T12:52:34.86+00:00

    Hi @Yannick71000

    Thank you for asking this question on the **Microsoft Q&A Platform. **

    Did you want for the 72 hours??

    If you use this command, you must wait 72 hours before you can turn directory synchronization back on.

    Source: https://learn.microsoft.com/en-us/microsoft-365/enterprise/turn-off-directory-synchronization?view=o365-worldwide

    Also, you can check that directory synchronization was fully disabled, with:

    (Get-MSOLCompanyInformation).DirectorySynchronizationEnabled

    This command will return True or False. Continue to run this command periodically until it returns False, and then try to update an object by using Windows PowerShell

    Hope this helps,
    Carlos Solís Salazar

    Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.

    NOTE: To answer you as quickly as possible, please mention me in your reply.

3 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Yannick71000 21 Reputation points
    2022-04-22T13:39:34.78+00:00

    Hi @Carlos Solís Salazar

    Thx to your answer.

    Indeed the 72 hours have not yet passed.
    The cmdet indeed returns "False" since the deactivation.

    I find it quite strange that modification from M365 has been possible for several hours already but not from Azure AD.

    So I will wait another 48 hours.

    I had read the article you cite but I thought that the 72H was for the Office 365 tenant. Since then, modifications are possible, I thought that on the Azure AD side they would be too.

    0 comments
  2. Yannick71000 21 Reputation points
    2022-04-24T15:41:39.97+00:00

    Hello,

    The 72 hours have passed and I still see the "problem".

    In itself it is not disturbing because I can make the modifications from the M365 admin tenant (modification of the smtp, address, account name etc...).
    But I don't understand why the Users in my AZure Active Directory are not in "Azure Active Directory" source and remain in "Windows Server AD" source?

    0 comments
  3. Yannick71000 21 Reputation points
    2022-04-26T06:38:58.083+00:00

    Hello,

    Since this morning the synchronization of our users is effective on our Azure AD.
    holes the Users accounts that were synchronized on our AD On Premise are now editable from Azure AD.

    I do not understand the resolution of this problem, we had to wait more than 4 days in the end since the interruption of the synchronization of our AD Connect.

    So I'm going as solved.

    0 comments