Janik von Rotz

1 min read

Office 365 DirSync do not import disabled users

One of my clients mentioned that he follows people in the newsfeed who weren’t employed any more.

Occasionally we disable the this kind of users in the Active Directory but don’t delete them.

It seems that DirSync doesn’t filter disabled accounts.

To change that open the Synchronization Service Manager and navigate to > Management Agents > [your connector] > Configure Connect Filter.

Now we are going to add a new attribute filter for the account control attribute.

  1. Select user as Data Source Object Type.
  2. Click on New.
  3. Select userAccountControl for Data source attribute
  4. Operator is Equal.
  5. Set value 0x202.
  6. Add the new condition and finish with OK.

Configure Connector Filter - Account Disabled

Finally run a full sync with PowerShell.

Add-PSSnapin Coexistence-Configuration
Start-OnlineCoexistenceSync -FullSync

There shouldn’t be any disabled users in your azure directory any more.

Categories: Office 365
Tags: dirsync , syncing
Improve this page
Show statistic for this page