Cloud Sync Agent Removal

Ghalied Majiet 20 Reputation points
2025-01-10T17:00:22.33+00:00

Hi

How would I go about deleting an old cloud agent in the Azure portal ?

Regards

G

11

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,840 questions
{count} votes

Accepted answer
  1. Abiola Akinbade 21,780 Reputation points
    2025-01-10T17:13:50.5933333+00:00

    Hello Ghalied Majiet,

    Thanks for your question.

    Any unused connectors/agents are tagged as inactive and are removed automatically after 10 days of inactivity.

    So, you may not need any action from your end. This is cited from: https://learn.microsoft.com/en-us/answers/questions/1310381/unable-to-remove-old-azure-cloud-agent-from-aad-po

    You can mark it 'Accept Answer' and 'Upvote' if this helped you

    Regards,

    Abiola

    1 person found this answer helpful.

2 additional answers

Sort by: Most helpful
  1. Thameur-BOURBITA 34,936 Reputation points
    2025-01-11T21:18:55.88+00:00

    Hi @Ghalied Majiet

    I invite you to refer to the following thread:

    Remove Azure AD cloud sync agent

    Remove a configuration


    Please don't forget to accept helpful answer


    0 comments No comments

  2. Sandeep G-MSFT 20,371 Reputation points Microsoft Employee
    2025-01-13T05:49:59.8766667+00:00

    @Ghalied Majiet

    Thank you for posting this in Microsoft Q&A.

    Once you uninstall the Provisioning agent, below is the expected behavior,

    1. If you shut down a connector (or uninstall the agent), the traffic immediately gets load-balanced to the other healthy connectors in the same connector group.
    2. After 1 hour, a connector becomes "inactive" in the UI. It still shows up in the UI, but with status=inactive.
    3. After 10 days, a connector becomes "soft deleted" in the system. At this point, we don't even load the data for that connector from our SQL DB. The data is still in the DB, we just don't load it. The agent is not displayed at the UI anymore.
    4. A connector can still go back to fully active status, even after it is soft-deleted. The agent is only ever gone for good after its agent certificate expires. Then requests to Bootstrap service and all other HIS services get denied, the connector can't interact with our systems anymore, and the only solution is to reinstall the agent.

    Other that this there are some interesting points to know:

    • When an agent bootstraps successfully, we update the last bootstrap timestamp for that agent in our SQL database.
    • Agents can still process requests even if they can't bootstrap, even if they are inactive in the UI. This could happen if the firewall is wrongly configured to deny traffic to Bootstrap service but allow traffic to Proxy service.
    • As long as the agent is not rebooted, it holds the configuration of the last successful bootstrap request, and it continues to work and process transactions even if the last bootstrap was days or weeks ago.
    • After an agent is rebooted, it needs at least 1 successful bootstrap to get the configuration it needs to start working.
    • Besides certificate expiration, connectors are designed to disconnect from Service Bus if they can't bootstrap for more than 90 days.

    Let us know if you have any further questions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.