I ran into an issue recently with a customer who had populated their cloud with users manually, and then ran DirSync to synchronize 1000s of user accounts. We then had a need to audit the cloud only accounts and come up with a plan to remove them. I found this to be a very effective way to address this.
Get-MsolUser -All | where { $_.ImmutableId -eq $null }
The ImmutableId field is created when users are synchronized from an external directory, so users without a ImmutableId are not from Active Directory.
No comments:
Post a Comment