Resume EntraID Sync

Question

Hi All,

I do not want one of my OUs to be synced from on-prem AD to Entra ID. I have already unchecked the OU in the Entra ID sync settings (i.e., Customize Synchronization Options).

However, I received an email from Microsoft stating:

"The export operation to Microsoft Entra ID has failed. There were more objects to be deleted than the configured threshold. As a result, no objects were exported."

Currently, I see the connector status as: stopped-deletion-threshold-exceeded

The deletions are expected in this case. How can I resume the synchronization?I am logged in with the account user1( ******@contoso.com, and I have Global Admin rights. Do I need to run the following command to proceed?

Disable-ADSyncExportDeletionThreshold -AADUserName "user1"

Answer 1

Hello Roger Roger,

Thanks for your question.

You need to be careful here and ensure all the objects are intended in sync manager. But since you have confirmed, you need to increase the threshold.

If all the objects pending deletion are supposed to be deleted in Microsoft Entra ID, then using your Entra Global Administrator or Hybrid Identity Administrator credential, do the following steps:

1. To temporarily disable this protection and let all the deletions go through, run the PowerShell cmdlet: Disable-ADSyncExportDeletionThreshold -AADUserName "<UserPrincipalName>".
2. With the Microsoft Entra Connector still selected, select the action Run and select Export.
3. To protect against unexpected deletions in the future, ensure the deletion threshold feature isn't permanently disabled. To re-enable the protection with the default value, run: Enable-ADSyncExportDeletionThreshold -DeletionThreshold 500 -AADUserName "<UserPrincipalName>".

The above is cited from:

https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-sync-feature-prevent-accidental-deletes#if-all-deletions-are-desired

You can mark it 'Accept Answer' and 'Upvote' if this helped you

Regards,

Abiola