Office 365 and local AD Sync

 1. Run PowerShell

2. Run the following command to install the AzureAD Sync module:

 

[Import-Module ADSync]

{Connect-MsolService -Credential $credential}

3. Next lets review the current intervals AzureAD Connect uses to sync by running the following command.

 

[Get-ADSyncScheduler]

4. Now run the following command to initialize the AzureAD Sync immediately.

 

[Start-ADSyncSyncCycle -PolicyType Delta]

NOTE: This will only sync current changes.  Run the following command to force a complete sync but note that the length of sync time would be greatly increased.

 

[Start-ADSyncSyncCycle -PolicyType Initial]

How to disable automatic updates with Registry

You can also use the Registry in two different ways to disable automatic updates on Windows 10.

Warning: This is a friendly reminder that editing the Registry is risky and can cause irreversible damage to your installation if you don't do it correctly. Before proceeding, it's recommended to make a full backup of your PC.

Disable updates

To disable Windows 10 updates permanently by changing the Registry settings, use these steps:

Open Start.

Search for regedit and click the top result to launch the Registry Editor.

Navigate to the following path:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows

Right-click the Windows (folder) key, select the New submenu and choose the Key option.

WindowsUpdate Regedit Key

Source: Windows Central

Name the new key WindowsUpdate and press Enter.

Right-click the newly created key, select the New submenu, and choose the Key option.

AU Registry key to disable Windows Update

Source: Windows Central

Name the new key AU and press Enter.

Right-click the AU key, select the New submenu, and choose the DWORD (32-bit) Value option.

NoAutoUpdate registry DWORD

Source: Windows Central

Name the new key NoAutoUpdate and press Enter.

Double-click the newly created key and change its value from 0 to 1.

Disable Windows Update permanently using Registry

Source: Windows Central

Click the OK button.

Restart the computer.

After you complete the steps, automatic updates will be disabled permanently on the device. However, you will still be able to download updates by clicking the Check for updates button on the Windows Update settings page.

If you want to undo the changes, you can use the same instructions outlined above, but on step 4, right-click the WindowsUpdate key, select the Delete option, then reboot the computer to apply the settings.

Demoting Domain controller manually

 Certain situations, such as server crash or failure of the DCPROMO option, require manual removal of the DC from the system by cleaning up the servers metadata. The following detailed steps will help you accomplish this:

Removing metadata via Active Directory Users and Computers

1. Log in to DC server as Domain/Enterprise administrator and navigate to Server Manager > Tools > Active Directory Users and Computers
2. Expand the Domain > Domain Controllers
   
3. Right click on the Domain Controller you need to manually remove and click Delete
   
4. Click Yes to confirm within the Active Directory Domain Services dialog box
   
5. In next dialog box, select This Domain Controller is permanently offline and can no longer be demoted using the Active Directory Domain Services Installation Wizard (DCPROMO) and click Delete
   
6. If the domain controller is global catalog server, in next window click Yes to continue with deletion
7. If the domain controller holds any FSMO roles in next window, click Ok to move them to the domain controller which is available

Removing the DC server instance from the Active Directory Sites and Services

1. Go to Server manager > Tools > Active Directory Sites and Services
2. Expand the Sites and go to the server which need to remove
3. Right click on the server you which to remove and click Delete
   
4. Click Yes to confirm
   

Remove metadata via ntdsutil

1. Right Click on Start > Command Prompt (admin)
2. Type ntdsutil and enter
   
3. You are then presented with the metadata cleanup prompt
   
4. Next type remove selected server <servername>
   NOTE: Replace <servername> with domain Controller server you wish to remove
5. Click Yes to proceed when presented with the warning window
6. Execute the quit command twice to exit out of the console

Remove a Office 365 user from the Restricted users list

 https://security.microsoft.com/restrictedusers

Use the Microsoft 365 Defender portal to remove a user from the Restricted users list

In the Microsoft 365 Defender portal, go to (incidents & Alerts) Email & collaboration > Review > Restricted users.

On the Restricted users page, find and select the user that you want to unblock by clicking on the user.

Click the Unblock action that appears.

In the Unblock user flyout that appears, read the details about the restricted account. You should go through the recommendations to ensure you're taking the proper actions in case the account is compromised.

After you remove the user it needs 15 to 20 minutes to take effect.

When you're finished, click Next.

When you're finished, click Submit.

Click Yes to confirm the change.