I had a situation recently where I wanted to shuffle my labs around as I’ve changed jobs and also got access to a new Azure subscription as part of my MVP award. I decided to bite the bullet and just start again as it had been a while since I changed my lab around and in the words or Satya Nadella it was time to Hit Refresh.
The only thing I wanted to take over was my domain name in Azure AD but as described in a previous post I had some dependencies I needed to clear up before deleting the domain name from my ‘old’ directory.
Once I had ‘un-synchronised’ the domain I am now able to start clearing up the dependencies on that domain name. Now when I go into my Azure AD users I can see that the previously synchronised accounts are now labelled as Azure Active Directory users (as opposed to “Local Active Directory”). I can now select the accounts in question and delete them.
Of course you could also do this with PowerShell too.
Get-MsolUser -SearchString "petere.work" | Remove-MsolUser -Force
and they’re gone!
Remember I also got a warning about groups? Well I’ve deleted the relevant users in that group now so the warning should be no more, shouldn’t it?
Well no not quite. The wizard still complains I have group references because the group owned a petere.work domain name. So my only option here it to delete the group.
And there we go the group is deleted. For the eagle eyed amongst you, you will note that I deleted the user account that I originally used to authenticate to Azure through PowerShell in my previous post. If I wanted to user PowerShell for this group deletion I would need to re-authenticate using Connect-MsolService and authenticating with an onmicrosoft.com account. If you are going to use PowerShell for any of this it’s probably wise to do this from the start . As mine is lab with only a few users I’m very happy to use the portal.
Get-MsolGroup -SearchString "petere.work" | Remove-MsolGroup -Force
Now I should be able to go back to the custom domains and delete the domain so I can use it in my other tenant.
That’s me done. I can now add that custom domain elsewhere in my shiny new subscription and work through delete the existing Azure Active Directory if I wish. I won’t go through that in this post but I can tell you that you will likely have a bunch more required actions to run through.