Remove Azure Role Assignment

How to remove users Access Management from Top level

First, make user you have full access in azure,
Then go to Azure AD, then to Properties

Change from No to Yes
When this is done, you can run this PowerShell command

Remove-AzRoleAssignment -SignInName first.lastname@company.com -RoleDefinitionName "User Access Administrator" -Scope "/"

This will remove the user’s access from the top level.
Make sure your user account change back your access right.

Azure AD Threshold sync

Have you encountered the problem that you want to make more change than allowed or that you just wonder changes how to change Azure AD Sync Threshold?
This needs to be done on the server that has an Azure Sync client.


First to find out if there is one and what is the setup?
Get-ADSyncExportDeletionThreshold

If you want to disable this rule for some reason,
we strongly advise against it.
Disable-ADSyncExportDeletionThreshold

Then there nothing stopping if someone accidentally deleted to many accounts between two syncs.

If you want to change the Threshold to 10
Enable-ADSyncExportDeletionThreshold -DeletionThreshold 10

Read more about it

Module AzureAD Powershell

So you want to use Powershell to do things in your AzureAD?

First of you need to import AzureAD

import-module azuread

Then after that, you can start using for example
Find an Azure AD group

Get-AzureADGroup -ObjectId $ValueOfGroup

or
Find an Azure AD group

Get-AzureADUser -ObjectID $VauleOfUser

And many other commands that come with the import of AzureAD

Don’t forget that you need to connect to Azure with PowerShell before you can start using the commands.