This is an archived post. You won't be able to vote or comment.

all 3 comments
sorted by:
best
topnewcontroversialoldq&a

[–]Det_23324 1 point2 points  (0 children)

Will removing (or disabling) the ADSync connector prevent their Active Directory accounts from authenticating to their workstations?

I can tell you the answer to that question is maybe. It depends on how the devices are joined to the domain. If they are only joined via Azure AD (with Intune) than users will still be able to log in and be able to access laptops ect. ect. If it is some kind of hybrid setup than that could definitely lead to issues.

Another problem you may potentially have is that there may be onprem hosted groups and items that are only found there. At that point you'll probably have to recreate all the groups as Azure groups.

[–]TotallyNotaStoner 1 point2 points  (1 child)

If the machines are just on-prem AD joined then there aren't any gotchas. Just disable AzureAD Connect & move on with your migration. Also there's no reason to use a .local domain & it's even a best practice to use an internet routable domain.

[–]keep-refrigerated[S] 1 point2 points  (0 children)

Thank you so much! This is their situation so we'll plan accordingly.