diff --git a/data_safe_haven/commands/deploy.py b/data_safe_haven/commands/deploy.py
index 0129dfc968..8ee5e2cbd7 100644
--- a/data_safe_haven/commands/deploy.py
+++ b/data_safe_haven/commands/deploy.py
@@ -7,9 +7,10 @@
 from data_safe_haven.config import Config, ContextSettings
 from data_safe_haven.exceptions import DataSafeHavenError
 from data_safe_haven.external import GraphApi
-from data_safe_haven.functions import password
+
+# from data_safe_haven.functions import password
 from data_safe_haven.infrastructure import SHMStackManager, SREStackManager
-from data_safe_haven.provisioning import SHMProvisioningManager, SREProvisioningManager
+from data_safe_haven.provisioning import SREProvisioningManager
 from data_safe_haven.utility import LoggingSingleton
 
 deploy_command_group = typer.Typer()
@@ -75,12 +76,12 @@ def shm(
             stack.output("networking")["fqdn_nameservers"],
         )
 
-        # Provision SHM with anything that could not be done in Pulumi
-        manager = SHMProvisioningManager(
-            subscription_name=config.context.subscription_name,
-            stack=stack,
-        )
-        manager.run()
+        # # Provision SHM with anything that could not be done in Pulumi
+        # manager = SHMProvisioningManager(
+        #     subscription_name=config.context.subscription_name,
+        #     stack=stack,
+        # )
+        # manager.run()
     except DataSafeHavenError as exc:
         msg = f"Could not deploy Data Safe Haven Management environment.\n{exc}"
         raise DataSafeHavenError(msg) from exc
diff --git a/data_safe_haven/infrastructure/stacks/declarative_shm.py b/data_safe_haven/infrastructure/stacks/declarative_shm.py
index d0c0ff5828..b3aebc621a 100644
--- a/data_safe_haven/infrastructure/stacks/declarative_shm.py
+++ b/data_safe_haven/infrastructure/stacks/declarative_shm.py
@@ -4,12 +4,7 @@
 
 from data_safe_haven.config import Config
 
-from .shm.bastion import SHMBastionComponent, SHMBastionProps
 from .shm.data import SHMDataComponent, SHMDataProps
-from .shm.domain_controllers import (
-    SHMDomainControllersComponent,
-    SHMDomainControllersProps,
-)
 from .shm.firewall import SHMFirewallComponent, SHMFirewallProps
 from .shm.monitoring import SHMMonitoringComponent, SHMMonitoringProps
 from .shm.networking import SHMNetworkingComponent, SHMNetworkingProps
@@ -61,17 +56,17 @@ def run(self) -> None:
             tags=self.cfg.tags.model_dump(),
         )
 
-        # Deploy firewall and routing
-        SHMBastionComponent(
-            "shm_bastion",
-            self.stack_name,
-            SHMBastionProps(
-                location=self.cfg.azure.location,
-                resource_group_name=networking.resource_group_name,
-                subnet=networking.subnet_bastion,
-            ),
-            tags=self.cfg.tags.model_dump(),
-        )
+        # # Deploy firewall and routing
+        # SHMBastionComponent(
+        #     "shm_bastion",
+        #     self.stack_name,
+        #     SHMBastionProps(
+        #         location=self.cfg.azure.location,
+        #         resource_group_name=networking.resource_group_name,
+        #         subnet=networking.subnet_bastion,
+        #     ),
+        #     tags=self.cfg.tags.model_dump(),
+        # )
 
         # Deploy data storage
         data = SHMDataComponent(
@@ -116,32 +111,32 @@ def run(self) -> None:
             tags=self.cfg.tags.model_dump(),
         )
 
-        # Deploy domain controllers
-        domain_controllers = SHMDomainControllersComponent(
-            "shm_domain_controllers",
-            self.stack_name,
-            SHMDomainControllersProps(
-                automation_account=monitoring.automation_account,
-                automation_account_modules=monitoring.automation_account_modules,
-                automation_account_private_dns=monitoring.automation_account_private_dns,
-                domain_fqdn=networking.dns_zone.name,
-                domain_netbios_name=self.shm_name.upper(),
-                location=self.cfg.azure.location,
-                log_analytics_workspace=monitoring.log_analytics_workspace,
-                password_domain_admin=data.password_domain_admin,
-                password_domain_azuread_connect=data.password_domain_azure_ad_connect,
-                password_domain_searcher=data.password_domain_searcher,
-                private_ip_address=networking.domain_controller_private_ip,
-                subnet_identity_servers=networking.subnet_identity_servers,
-                subscription_name=self.cfg.context.subscription_name,
-                virtual_network_name=networking.virtual_network.name,
-                virtual_network_resource_group_name=networking.resource_group_name,
-            ),
-            tags=self.cfg.tags.model_dump(),
-        )
+        # # Deploy domain controllers
+        # domain_controllers = SHMDomainControllersComponent(
+        #     "shm_domain_controllers",
+        #     self.stack_name,
+        #     SHMDomainControllersProps(
+        #         automation_account=monitoring.automation_account,
+        #         automation_account_modules=monitoring.automation_account_modules,
+        #         automation_account_private_dns=monitoring.automation_account_private_dns,
+        #         domain_fqdn=networking.dns_zone.name,
+        #         domain_netbios_name=self.shm_name.upper(),
+        #         location=self.cfg.azure.location,
+        #         log_analytics_workspace=monitoring.log_analytics_workspace,
+        #         password_domain_admin=data.password_domain_admin,
+        #         password_domain_azuread_connect=data.password_domain_azure_ad_connect,
+        #         password_domain_searcher=data.password_domain_searcher,
+        #         private_ip_address=networking.domain_controller_private_ip,
+        #         subnet_identity_servers=networking.subnet_identity_servers,
+        #         subscription_name=self.cfg.context.subscription_name,
+        #         virtual_network_name=networking.virtual_network.name,
+        #         virtual_network_resource_group_name=networking.resource_group_name,
+        #     ),
+        #     tags=self.cfg.tags.model_dump(),
+        # )
 
         # Export values for later use
-        pulumi.export("domain_controllers", domain_controllers.exports)
+        # pulumi.export("domain_controllers", domain_controllers.exports)
         pulumi.export("firewall", firewall.exports)
         pulumi.export("monitoring", monitoring.exports)
         pulumi.export("networking", networking.exports)
diff --git a/data_safe_haven/provisioning/__init__.py b/data_safe_haven/provisioning/__init__.py
index 704c840043..ef51842651 100644
--- a/data_safe_haven/provisioning/__init__.py
+++ b/data_safe_haven/provisioning/__init__.py
@@ -1,9 +1,9 @@
 """Provisioning for deployed Data Safe Haven infrastructure."""
 
-from .shm_provisioning_manager import SHMProvisioningManager
+# from .shm_provisioning_manager import SHMProvisioningManager
 from .sre_provisioning_manager import SREProvisioningManager
 
 __all__ = [
-    "SHMProvisioningManager",
+    # "SHMProvisioningManager",
     "SREProvisioningManager",
 ]
diff --git a/data_safe_haven/provisioning/shm_provisioning_manager.py b/data_safe_haven/provisioning/shm_provisioning_manager.py
index 77429a88ea..52fe14d872 100644
--- a/data_safe_haven/provisioning/shm_provisioning_manager.py
+++ b/data_safe_haven/provisioning/shm_provisioning_manager.py
@@ -1,37 +1,37 @@
-"""Provisioning manager for a deployed SHM."""
+# """Provisioning manager for a deployed SHM."""
 
-from data_safe_haven.external import AzureApi
-from data_safe_haven.infrastructure import SHMStackManager
+# from data_safe_haven.external import AzureApi
+# from data_safe_haven.infrastructure import SHMStackManager
 
 
-class SHMProvisioningManager:
-    """Provisioning manager for a deployed SHM."""
+# class SHMProvisioningManager:
+#     """Provisioning manager for a deployed SHM."""
 
-    def __init__(
-        self,
-        subscription_name: str,
-        stack: SHMStackManager,
-    ):
-        super().__init__()
-        self.subscription_name = subscription_name
-        domain_controllers_resource_group_name = stack.output("domain_controllers")[
-            "resource_group_name"
-        ]
-        domain_controllers_vm_name = stack.output("domain_controllers")["vm_name"]
+#     def __init__(
+#         self,
+#         subscription_name: str,
+#         stack: SHMStackManager,
+#     ):
+#         super().__init__()
+#         self.subscription_name = subscription_name
+#         domain_controllers_resource_group_name = stack.output("domain_controllers")[
+#             "resource_group_name"
+#         ]
+#         domain_controllers_vm_name = stack.output("domain_controllers")["vm_name"]
 
-        # Construct DC restart parameters
-        self.dc_restart_params = {
-            "resource_group_name": domain_controllers_resource_group_name,
-            "vm_name": domain_controllers_vm_name,
-        }
+#         # Construct DC restart parameters
+#         self.dc_restart_params = {
+#             "resource_group_name": domain_controllers_resource_group_name,
+#             "vm_name": domain_controllers_vm_name,
+#         }
 
-    def restart_domain_controllers(self) -> None:
-        azure_api = AzureApi(self.subscription_name)
-        azure_api.restart_virtual_machine(
-            self.dc_restart_params["resource_group_name"],
-            self.dc_restart_params["vm_name"],
-        )
+#     def restart_domain_controllers(self) -> None:
+#         azure_api = AzureApi(self.subscription_name)
+#         azure_api.restart_virtual_machine(
+#             self.dc_restart_params["resource_group_name"],
+#             self.dc_restart_params["vm_name"],
+#         )
 
-    def run(self) -> None:
-        """Apply SHM configuration"""
-        self.restart_domain_controllers()
+#     def run(self) -> None:
+#         """Apply SHM configuration"""
+#         self.restart_domain_controllers()