How to leave Azure AD, when Microsoft account got joined to it by exchange to office 365 migration

-2

1

Our company had a hosted Microsoft Exchange solution for our emails, and this was migrated by a 3rd party company to Office 365, and in that process they created a Azure Active Directory for our domain, and apparently also for each of our emails.

We didnt have any AD going on locally, and also isn't planning on it. Before they migrated from a hosted exchange, i had created a microsoft account on with my work email, which I also used to login into windows. It integrated nicely into Visual Studio etc.

But now I don't have full access to my pc anymore, although im still a administrator locally.

So how do i leave this Azure AD, and regain normal full admin rights to my pc?

Example of "managed by your organization"

Showing that its joined to Azure AD

When trying to click "Disconnect" on that Azure ID.

Edit: We don't use any AD, locally or azure. An external company was hosting our Exchange server previously, the same company migrated our hosted Exchange server email accounts to Office 365. (So I have no access to the Azure AD.) And in that process, they also created an Azure AD. (Their tech guy said they had to do that. If thats true or not, iI don't know).

I'm using windows mail to connect to my email account (not outlook), and I just tried removing it, and adding it again, as an Office 365 account, and in that process it said something about group policies. windows mail prompt Here are the group memberships of my user: Group memberships

This is the error im getting, when im trying to enable/disable a task related to windows update, in the task scheduler. task scheduler permission denied

Djensen

Posted 2019-01-24T13:29:38.453

Reputation: 129

1It has to be disconnected from the Azure AD setup wizard. You can also disconnect a single user, but if AD sync is active, and that AD user is not removed, a sync will put it back to synced status rather than cloud status. If you have no access to the Azure AD sync setup part, you can remove the sync user or change the password of the admin account that was used to break the sync. – LPChip – 2019-01-24T13:39:49.493

@LPChip the op said they don’t have local AD, so no AD Sync. – Appleoddity – 2019-01-24T14:54:26.157

@Appleoddity they don't have it, but that external company has. There is a sync somewhere, otherwise you don't see a "this setting is managed by your organization". – LPChip – 2019-01-24T14:58:05.083

Joining your device to Azure AD has no impact on your admin status on your computer. There are many advantages to having your machine connected to your organization’s Azure AD - SSO; BitLocker key backup; MFA bypass; enterprise state roaming, etc. When you setup Office 365, you were probably asked if you wanted to allow your org to manage the PC. You said yes. This didn’t change any admin status at all on your PC. So more detail about WHY you think you aren’t an admin is needed. – Appleoddity – 2019-01-24T14:59:40.040

@LPChip AD Sync is not required for this feature. This is called Azure AD Join, and it’s a part of Azure AD and Windows 10. There is no reason to think there is an “external company.” Their cloud hosted exchange was migrated to Office 365, part of that includes setup of Azure AD and cloud user accounts. When you connect Office to Office 365 it asks you if you want to allow the device to be managed. That’s it. No Azure AD sync needed, nor any active directory. – Appleoddity – 2019-01-24T15:04:53.373

I added more info to the question. – Djensen – 2019-01-24T15:37:18.650

You should delete this entire question and start with the very last sentence you typed in a new question with specific details about what you are trying to do. You’ve made so many assumptions about this being related to your Azure AD and Office 365 when it doesn’t even appear related. This is all completely standard stuff. Exchange ALWAYS works on top of AD whether you know it or not and it always enforces certain policies such as password complexity requirements. It’s the same typical message you see if you add an account to your phone. Please create a new question for the actual problem. – Appleoddity – 2019-01-24T17:19:56.510

Sorry, I don’t mean to sound rude. Some of the info you posted is useful in troubleshooting the issue and should be included. But you haven’t actually described your problem, you’ve asked how to implement, your likely inaccurate assumption of, the resolution to the problem. You’ve made a logical conclusion that “some settings are managed” is related to your issue, and then logically assumed it is related to your new Azure AD experience. However, that message is a known issue in Win 10 and is most likely completely unrelated. Windows is defensive over changes to updates for obvious reasons. – Appleoddity – 2019-01-24T17:48:20.767

Answers

0

You can still access local accounts on the pc by typing '.\' onto username followed by username. For example, if your local account is called 'Administrator', you would type '.\Administrator' into the username\email address login box. Then input appropriate password.

The '.\' tells the pc you're trying to access a local account.

I am also aware I am only addressing a part of your question. Your computer is either registered or actually joined to azure. There is a difference. In the first scenario, you would be able to disconnect from azure and in the second case, the person who initially joined the device will have to disconnect to disconnect all users on that device.

Either way, if you're trying to do something as an administrator, try logging in with your local account using the format mentioned earlier; otherwise, contact your helpdesk/IT.

StoicM

Posted 2019-01-24T13:29:38.453

Reputation: 59

Asked: 2019-01-24T13:29:38.453

Viewed: 722 times

Active: 2019-02-25T18:14:14.283