Scheduling Syncs for ADConnect Maintenance

We have loads of objects in our AD / Azure AD.. we believe doing regular Full Imports and Full Syncs for all the MA’s is a good way to make sure Sync engine is healthy.

Had recently visited #MSAUIGNITE 2017 in Gold Coast, Australia and SME’s there suggested Full Sync is not needed in environments unless there has been a connector change.. But I disagree and consider ADConnect as Microsoft Identity Manager (MIM / FIM) and by experience we have seen a good healthy sync engine we should do FI / FS for maintenance.

After doing some initial sync timings, found our FI from Azure took 9 hrs and FS took about 2 hrs. Likewise from AD FI took 1 hr and FS took 2 hrs.

Decided we wanted to schedule each FI and FS to make sure sync engine is all caught up out of business hours.


  • The MA is called “AzureAD”
  • Run Profile Name is called “Full Import”

Do the following on our ADConnect Sync Box

  • Create a powershell script with the following code and save it as “AzureFI.ps1” at a location say D:\SyncScript

  • Create a task scheduler and run as the same user which runs the sync engine.
  • Schedule it once a week / month as per your requirement. As per your initial tests, you can schedule it out of business hours say 10pm and by morning it is finished.
  • For action
    • Action: Start a Program
    • Program/Script: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    • Argument: -ExecutionPolicy Bypass -File “D:\SyncScript\AzureFI.ps1”

That’s it!!! You can create similar scripts and change ConnectorName / RunProfileName and create tasks for each at particular times.

You will have a healthy sync engine for ADConnect.


It's only fair to share...Share on Facebook
0Tweet about this on Twitter
Share on LinkedIn
Email this to someone
Share on Reddit
0Print this page

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.