DeletingCloudOnlyObjectNotAllowed – How To Resolve Dirsync

by dakseven, posted in Active Directory, Azure AD

  • The error is caused as a result of converting accounts from AD to Cloud using the restore technique once moved from the OU where you are syncing your users
  • You will find export errors and the “DeletingCloudonlyObjectnotallowed” problem

In order to resolve you will have to remove the attribute of immutable ID using the SET MSOL CMDLET

The Active Directory “objectGUID” is used as your ImmutableID. After your initial sync, objects in the cloud will have the base-64 version of the objectGUID stamped as the ImmutableID ( )


#Run the cmdlet: "Connect-MsolService" and enter your global admin credentials
connect-msolservice
Set-MsolUser -ObjectId '<user's object ID>' -ImmutableId "$null"'
#Trigger a delta sync by running the cmdlet ( From your Dirsync server) 
Start-ADSyncSyncCycle -PolicyType Delta

Example of the errors

  • Example of running the command and the sync

Published by dakseven

One thought on “DeletingCloudOnlyObjectNotAllowed – How To Resolve Dirsync

  1. Pingback: Hiding Leavers from the Address list GAL – Exchange Hybrid ( Mail / Mail nickname )

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.