AAD Sync Error: Deletion Threshold Reached

Ran in to a problem today with a customer running AAD Connect when trying to Export to the Azure Active Directory, the status of the Connector Operations showed “stopped-server-down” (See Below).

stopped-server-down

At the same time, I was called by the technical contact at the customer who said he had received a strange email from MSOnlineServicesTeam with the following message:

At Thursday, 19 November 2015 13:58:10 GMT the Identity synchronization service detected that the number of deletions exceeded the configured deletion threshold for Company Name [tanantname.onmicrosoft.com]. A total of 789 objects were sent for deletion in this Identity synchronization run. This met or exceeded the configured deletion threshold value of 500 objects.

We need you to provide confirmation that these deletions should be processed before we will proceed.

We are currently completing the rollout of AAD Connect at the customer and helping them remove any erroneous accounts from the scope to keep numbers on 365 down. Hence the large number of deletions!

Despite the long winded and unclear errors, the solution to this problem is quite simple. You can either disable the threshold completely by running the following command, and provide credentials for a global admin account for Office 365 when prompted:

Import-Module ADSync
Disable-ADSyncExportDeletionThreshold

Alternatively you could change the threshold to allow your changes using the following command:

Import-Module ADSync
Enable-ADSyncExportDeletionThreshold -DeletionThreshold $number

If you do disable your deletion threshold completely, remember to re-enable the threshold again afterwards running:

Enable-ADSyncExportDeletionThreshold

Hopefully this will save you some time when you run in to this issue in your environments!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s