For details, see:
In larger organizations, the number of devices deleted might be more than 500 which exceeds the deletion threshold. At this point, Azure AD Connect stops syncing. You might not notice it right away, but any new user accounts will not be synced up to Azure AD/Office 365.
In the Synchronization Service app, you will see a line with the status of:
stopped-deletion-threshold-exceeded
Before you attempt to fix the issues, you should verify that it is only device objects an not another accidental deletion issue. The steps for this from Microsoft are:
- Start Synchronization Service from the Start Menu.
- Go to Connectors.
- Select the Connector with type Azure Active Directory.
- Under Actions to the right, select Search Connector Space.
- In the pop-up under Scope, select Disconnected Since and pick a time in the past. Click Search. This page provides a view of all objects about to be deleted. By clicking each item, you can get additional information about the object. You can also click Column Setting to add additional attributes to be visible in the grid.
The fix for this issue is to allow the device deletes to occur by either increasing the threshold or disabling the threshold. You do this on your Azure AD Connect server using PowerShell.
To disable the threshold:
Disable-ADSyncExportDeletionThresholdTo increase the threshold:
Enable-ADSyncExportDeletionThreshold -DeletionThreshold 1000To set the threshold back to default:
Enable-ADSyncExportDeletionThreshold -DeletionThreshold 500The Microsoft documentation about the deletion threshold is here:
No comments:
Post a Comment