
Azure AD Connect Log Maintenance

The Azure AD Connect log (the sync run history) is stored in a SQL database. It is a good idea to keep this database small, both for performance and to avoid hitting the 10 GB LocalDB limit.

Microsoft has published good documentation on how to recover from the LocalDB 10-GB limit.

Here is my approach to keeping the logs clean (as many know, I hate GUIs):

function Clear-AADCSyncRuns
{
	<#
			.SYNOPSIS
			Cleanup the Azure Active Directory Connect Sync
	
			.DESCRIPTION
			Cleanup the Azure Active Directory Connect Sync
	
			.PARAMETER DaysToKeep
			Clear runs older than given value. 0 means only today.
	
			.EXAMPLE
			PS C:\> Clear-AADCSyncRuns
		
			# Clear runs older than 2 days
	
			.EXAMPLE
			PS C:\> Clear-AADCSyncRuns -DaysToKeep 0
		
			# Clear runs older than today.
	
			.NOTES
			Works with DirSync, or newer.
	#>
	
	[CmdletBinding()]
	[OutputType([string])]
	param
	(
		[Parameter(ValueFromPipeline = $true,
				ValueFromPipelineByPropertyName = $true,
		Position = 1)]
		[ValidateNotNullOrEmpty()]
		[Alias('Days')]
		[int]
		$DaysToKeep = 2
	)
	
	Process
	{
		# Get the local DirSync (FIM) server object
		$DirSync = (Get-WmiObject -Class 'MIIS_SERVER' -Namespace 'root\MicrosoftIdentityIntegrationServer')
	}
	
	End
	{
		# Clear runs older than X days
		$ResultTMP = ($DirSync.ClearRuns([DateTime]::Today.AddDays(- $DaysToKeep)))
		
		# Transform the result
		if ($ResultTMP) 
		{
			[string]$Result = $ResultTMP.ReturnValue
		}
		else 
		{
			[string]$Result = 'Unknown'
		}
		
		# Return
		Return $Result
	}
}

You will find the complete function on GIST.

In addition, I set the number of days to keep in the run history to three (3) days:

# Run this on the Host where Azure AD connect is installed, or via Remote PowerShell
Set-ADSyncScheduler -PurgeRunHistoryInterval 3.00:00:00

You can check your settings with the following command:

# Run this on the Host where Azure AD connect is installed, or via Remote PowerShell
Get-ADSyncScheduler
# or just the Purge Info
(Get-ADSyncScheduler).PurgeRunHistoryInterval

The script should work with DirSync, Azure AD Sync, and Azure AD Connect.
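
The run history is also the record of what the sync engine did, so it can be worth previewing and archiving the affected runs before `Clear-AADCSyncRuns` deletes them. The following is an added example, not part of the original post or the Gist: it reads the `MIIS_RunHistory` WMI class from the same namespace the function uses and exports the runs that ended before the cutoff. The function name, the default archive path, and the treatment of `RunEndTime` as a UTC timestamp string are assumptions, so the count is an approximate preview for runs close to the cutoff.

```powershell
function Export-AADCSyncRunsBeforePurge
{
	[CmdletBinding()]
	param
	(
		[ValidateRange(0, 3650)]
		[int]$DaysToKeep = 2,

		# Hypothetical default; point this at a folder with restricted ACLs
		[string]$Path = (Join-Path -Path $env:TEMP -ChildPath ('AADC-RunHistory-{0:yyyyMMdd-HHmmss}.csv' -f (Get-Date)))
	)

	# Same cutoff that Clear-AADCSyncRuns hands to ClearRuns()
	$Cutoff = [DateTime]::Today.AddDays(-$DaysToKeep)
	$CutoffUtc = $Cutoff.ToUniversalTime()

	# Assumption: RunEndTime is a UTC timestamp string
	$Styles = [Globalization.DateTimeStyles]'AssumeUniversal, AdjustToUniversal'
	$Culture = [Globalization.CultureInfo]::InvariantCulture

	$Runs = Get-WmiObject -Class 'MIIS_RunHistory' -Namespace 'root\MicrosoftIdentityIntegrationServer'

	$Expired = @(foreach ($Run in $Runs)
	{
		$End = [DateTime]::MinValue
		# Runs without a parsable end time (e.g. still in progress) are skipped
		if ([DateTime]::TryParse($Run.RunEndTime, $Culture, $Styles, [ref]$End) -and ($End -lt $CutoffUtc))
		{
			$Run | Select-Object -Property MaName, RunProfile, RunNumber, RunStatus, RunStartTime, RunEndTime
		}
	})

	if ($Expired.Count -gt 0)
	{
		$Expired | Export-Csv -Path $Path -NoTypeInformation -Encoding UTF8
	}

	# Summary object: what a purge with this DaysToKeep would remove
	[pscustomobject]@{
		Cutoff      = $Cutoff
		RunsToPurge = $Expired.Count
		Archive     = if ($Expired.Count -gt 0) { $Path } else { $null }
	}
}
```

Run `Export-AADCSyncRunsBeforePurge -DaysToKeep 2` on the sync server first, check `RunsToPurge` and the CSV, then call `Clear-AADCSyncRuns` with the same value.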

Copyright © 2018 by Joerg Hochwald. All rights reserved.