If you have had the bad luck of eliminating the synchronization from your Active Directory without first removing the users or groups, you will have realized that it is not possible to eliminate them later from the Azure portal. This is the typical scenario that occurs in your test environment, where you can end up with remnants of previous synchronizations. In this article I’ll share the PowerShell script that you can use to remove both groups and users.
#Install AzureAD module
Install-Module AzureAD
#Connect to Azure AD
Connect-AzureAD
#Get Azure AD Users
Get-AzureADUser
#Remove Orphan Azure AD User
Remove-AzureADUser -ObjectId USER_OBJECT_ID
#Get Azure AD Groups
Get-AzureADGroup
#Remove Orphan Azure AD Group
Remove-AzureADGroup -ObjectId GROUP_OBJECT_IDAs you can see, before performing any operation, you need to install the AzureAD module and connect to a user with sufficient privileges to view and delete objects. Finally, use the ObjectId of the element you want to remove from your directory. You can get this by viewing users with Get-AzureAD and groups with Get-AzureADGroup.