locked
Azure Active Directory Sync Cycle RRS feed

  • Question

  • Hi,

    We have recently introduced to Office 365 and Azure portal. So I want to check if we can setup a script to get a email after every sync cycle.

    Is it possible to do? If yes, can anyone suggesting me how to proceed with it.

    Thank you.

    Wednesday, November 6, 2019 10:45 AM

Answers

  • @CManasa, the challenge that I see with using a PowerShell script to send an email after every sync cycle is with the action that would trigger the script as my first thought was to attach the script with the event that gets logged at the completion of the sync cycle but on my AD Connect Server I got 106 number of events during a delta sync cycle and approx. 100 of those events were logged with event ID 904. If we attach the script with this event, script would be triggered each time event ID 904 gets logged. In this case, we would need to parse all 904 events with below text:

     

    "Import/Sync/Export cycle completed (Delta)."

     

    This will be a complicated task to do and again, the trigger for executing the script will be a challenge. However, If we somehow manage to send an email that wouldn't be much helpful as it will send an email that sync cycle is complete regardless of whether the sync cycle is completed with errors or some operations failed during sync cycle. As administrator, we should be more concerned about the notification of errors .

     

    I would suggest you to go with Azure AD Health Connect Agent, which will upload the health status of your AD Connect server to Azure. The Azure AD Connect Health agent for sync is installed automatically in the latest build of Azure AD Connect. If you completed the configuration, below services would already be running. Otherwise, they are stopped until the configuration is complete. 

    • Azure AD Connect Health Sync Insights Service
    • Azure AD Connect Health Sync Monitoring Service

    You can then navigate to below path and configure the notification email to be sent to All Global Administrators of your tenant and configure additional email addresses for email notification as well. The notification email will include the latest Synchronization Errors report for your Azure AD Connect.

    

    Azure AD Connect Health is an Azure AD Premium feature and requires Azure AD Premium license. If you do not have a premium license, you can start a free 30-day trial (https://azure.microsoft.com/en-us/trial/get-started-active-directory/) and test this feature out. For other requirements, related to required TCP ports, URLs, SSL inspections etc. please check the Requirements section of Azure AD Connect Health Agent Installation.


    Please "mark as answer" or "vote as helpful" wherever the information provided helps you to help others in the community.


    Thursday, November 7, 2019 9:07 AM

All replies

  • I have reached out to the product team to check on this. You might be able to trigger an alert based on the latest directory sync time. https://docs.microsoft.com/en-us/office365/enterprise/view-directory-synchronization-status


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    Wednesday, November 6, 2019 11:03 PM
    Owner
  • @CManasa, the challenge that I see with using a PowerShell script to send an email after every sync cycle is with the action that would trigger the script as my first thought was to attach the script with the event that gets logged at the completion of the sync cycle but on my AD Connect Server I got 106 number of events during a delta sync cycle and approx. 100 of those events were logged with event ID 904. If we attach the script with this event, script would be triggered each time event ID 904 gets logged. In this case, we would need to parse all 904 events with below text:

     

    "Import/Sync/Export cycle completed (Delta)."

     

    This will be a complicated task to do and again, the trigger for executing the script will be a challenge. However, If we somehow manage to send an email that wouldn't be much helpful as it will send an email that sync cycle is complete regardless of whether the sync cycle is completed with errors or some operations failed during sync cycle. As administrator, we should be more concerned about the notification of errors .

     

    I would suggest you to go with Azure AD Health Connect Agent, which will upload the health status of your AD Connect server to Azure. The Azure AD Connect Health agent for sync is installed automatically in the latest build of Azure AD Connect. If you completed the configuration, below services would already be running. Otherwise, they are stopped until the configuration is complete. 

    • Azure AD Connect Health Sync Insights Service
    • Azure AD Connect Health Sync Monitoring Service

    You can then navigate to below path and configure the notification email to be sent to All Global Administrators of your tenant and configure additional email addresses for email notification as well. The notification email will include the latest Synchronization Errors report for your Azure AD Connect.

    

    Azure AD Connect Health is an Azure AD Premium feature and requires Azure AD Premium license. If you do not have a premium license, you can start a free 30-day trial (https://azure.microsoft.com/en-us/trial/get-started-active-directory/) and test this feature out. For other requirements, related to required TCP ports, URLs, SSL inspections etc. please check the Requirements section of Azure AD Connect Health Agent Installation.


    Please "mark as answer" or "vote as helpful" wherever the information provided helps you to help others in the community.


    Thursday, November 7, 2019 9:07 AM
  • @CManasa,

    I just wanted to follow up, if you have any further questions. If you have got the answer to your questions, p
    lease take a moment to "mark as answer" or "vote as helpful" to help others in the community.
    Friday, November 8, 2019 9:16 AM
  • CManasa

    I wanted to check with you if the above response helped in answering your query. If yes, I would request you to please mark the response as "Answer" by selecting the option "Mark as answer", so that it helps others visiting the forum with similar queries.

    Wednesday, November 13, 2019 6:36 AM
  • Hello @CManasa

    This is to follow up on this thread if the above response was helpful. Please let me know if you have any further questions.

    Please "mark as answer" or "vote as helpful" wherever the information provided helps you to help others in the community.

    Thank you!

    Friday, November 15, 2019 8:37 AM
  • Please let us know if you were able to resolve the issue from the replies before. If you still have more questions please let us know with some additional information regarding your question and we'll try to resolve it. It may require additional support escalation if we are unable to resolve this on this msdn thread. 

    If there's no more follow ups in regards to this, I will be marking an answer as answer. If you feel your question has not been answered please let us know anymore pending asks and we can try to follow up accordingly. 

    thanks,

    - Frank H.

    Tuesday, November 26, 2019 7:50 PM
  • I'm following up on this please let us know if there are anymore questions. As it looks like this issue has been resolved within the scope of the MSDN Thread Question, I will be marking the response as answer. Please let me know if your question has not been answered, and I can go ahead and unmark it as answer or feel free to mark it as unanswer yourself. Also please remember to post future questions on the new Q&A Forums here : https://docs.microsoft.com/answers/index.html Thanks
    Wednesday, December 11, 2019 7:06 PM