Remove OKTA integration with office 365 while maintaining users in both places.
Do any of you have experience with breaking / removing the sync between okta and office 365. I have been tasked with giving back control of all user attributes from Okta to Office 365 so that they can be edited in office 365 directly and Okta no longer has any control.
All user data must be maintained in their present state with passwords, groups and the like in both Okta and Office 365.
I have tried digging around in the documentation but have been unable to find any concrete information. Is it just a matter of deactivating the office 365 app in Okta or do I have to perform some additional steps to make it happen.
When it comes to reverting users from "Synced with Active Directory" to "In-Cloud" we would recommend working with Microsoft to verify the full impact of this change and the recommended approach for performing the steps required as there are severl implications of making this type of change.
For example if you are using ws-federation your users will need to be synced with Active Directory so revertign to incloud would require unfederating the domain.
Additionally synced users will require a password reset when they are reverted to In Cloud. However there are powershell scripts which can be used to perform this action in bulk.
I hope the above helps with getting you on the right track to make the required changed.