Removing an Office 365 Tenancy

There may be a reason you wish to totally remove an Office 365 tenancy. In our case, it was that the company we looked after was sold. They wanted the data removed – and quickly.

It is possible now to totally remove a tenancy following these steps:

  1. Remove any licensing from the Office 365 tenancy
  2. Open PowerShell
  3. Connect to Azure AD by typing
    Connect-AzureAD

    If this doesn’t work, you may need to install the AzureAD module. Do this by typing

    Install-Module -Name AzureAD
  4. Once connected, you also need to connect to Azure Active Directory through the MSOnline (MSOL) module. To do this, type
    Connect-MsolService

    If this does not work, you may need to install the MSOnline module. Do this by typing

    Install-Module -Name MSOnline
  5. Disable dirsync with the following command, if enabled
    Set-MsolDirSyncEnabled -EnableDirSync $false

    After you run this command, it takes around 30 minutes for all users to become cloud-only users

  6. You now need to remove all users and then remove them from the recycle bin. Type
    # -All is required: without it Get-MsolUser returns at most 500 users
    Get-MsolUser -All | Remove-MsolUser -Force

    Then after waiting 30 minutes or so, type the following

    Get-MsolUser -ReturnDeletedUsers -All | Remove-MsolUser -RemoveFromRecycleBin -Force

    This command removes the deleted users from the AD recycle bin

  7. The next script will remove all of the enterprise applications in Azure AD. This needs to be done
    # -All $true returns every service principal, not just the first page
    $ObjectIds = (Get-AzureADServicePrincipal -All $true).ObjectId
    For ($i=0; $i -lt $ObjectIds.Length; $i++) {
        Remove-AzureADServicePrincipal -ObjectId $ObjectIds[$i]
    }
  8. Once these commands are completed, you can check Azure Active Directory by going to https://aad.portal.azure.com. Select Azure Active Directory and try to delete it. You will get something like the following. In this case, once the licenses have expired (these we removed 12 hours ago) you will be able to delete the tenancy.
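
Before running the destructive commands in steps 5 to 7, it is worth confirming that both modules are connected to the tenant you mean to retire and keeping a record of what is about to be removed. The script below is an added example, not part of the original procedure; it only reads data. The `$ExpectedDomain` value and the `$OutDir` path are placeholders chosen for this example, and it assumes `Connect-AzureAD` and `Connect-MsolService` have already succeeded.

```powershell
# Added example (not from the original post). Read-only: nothing is deleted here.
$ExpectedDomain = 'example.onmicrosoft.com'   # placeholder: initial domain of the tenant being retired
$OutDir = Join-Path $env:TEMP ('tenant-teardown-' + (Get-Date -Format 'yyyyMMdd-HHmmss'))  # hypothetical path

# AzureAD and MSOnline hold separate sessions, so check that both point at the
# same, intended tenant before any "Get-... | Remove-... -Force" pipeline runs.
$company = Get-MsolCompanyInformation
$aad     = Get-AzureADTenantDetail
if ("$($company.ObjectId)" -ne "$($aad.ObjectId)") {
    throw "MSOnline is connected to tenant $($company.ObjectId) but AzureAD to $($aad.ObjectId)."
}
if ($company.InitialDomain -ne $ExpectedDomain) {
    throw "Connected to '$($company.InitialDomain)', expected '$ExpectedDomain'."
}

# Collect everything the procedure touches. -All avoids the default result limits.
$skus    = @(Get-MsolAccountSku)
$users   = @(Get-MsolUser -All)
$deleted = @(Get-MsolUser -ReturnDeletedUsers -All)
$sps     = @(Get-AzureADServicePrincipal -All $true)

# Keep a record of what existed before removal.
New-Item -ItemType Directory -Path $OutDir -Force | Out-Null
$skus    | Select-Object AccountSkuId, ActiveUnits, ConsumedUnits |
    Export-Csv (Join-Path $OutDir 'subscriptions.csv') -NoTypeInformation
$users   | Select-Object UserPrincipalName, DisplayName, IsLicensed, ObjectId |
    Export-Csv (Join-Path $OutDir 'users.csv') -NoTypeInformation
$deleted | Select-Object UserPrincipalName, SoftDeletionTimestamp, ObjectId |
    Export-Csv (Join-Path $OutDir 'recycle-bin-users.csv') -NoTypeInformation
$sps     | Select-Object DisplayName, AppId, ObjectId |
    Export-Csv (Join-Path $OutDir 'service-principals.csv') -NoTypeInformation

# Summary: rerun after step 7; the user and recycle-bin counts should fall.
[pscustomobject]@{
    Tenant            = $company.InitialDomain
    DirSyncEnabled    = $company.DirectorySynchronizationEnabled
    Subscriptions     = $skus.Count
    LicensedUsers     = @($users | Where-Object { $_.IsLicensed }).Count
    Users             = $users.Count
    RecycleBinUsers   = $deleted.Count
    ServicePrincipals = $sps.Count
    RecordFolder      = $OutDir
}
```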


User Device Registration Event ID 304 307

With Server 2016, we’ve been getting a lot of these errors in the event log

This is caused by a task called Automatic-Device-Join which runs as a scheduled task whenever someone logs into a server (terminal server). This can cause a lot of events on the system.

Disable this task. This is used for Azure AD device joins. No idea why this is enabled by default.