Notitie
Voor toegang tot deze pagina is autorisatie vereist. U kunt proberen u aan te melden of de directory te wijzigen.
Voor toegang tot deze pagina is autorisatie vereist. U kunt proberen de mappen te wijzigen.
Opmerking
Dit artikel bevat stappen voor het verwijderen van persoonsgegevens van het apparaat of de service en kan worden gebruikt om uw verplichtingen onder de AVG te ondersteunen. Zie voor algemene informatie over AVG de AVG-sectie van het Vertrouwenscentrum van Microsoft en de AVG-sectie van de Service Trust Portal.
Opmerking
This article deals with Microsoft Entra Connect and user privacy. For information on Microsoft Entra Connect Health and user privacy see the article here.
Improve user privacy for Microsoft Entra Connect installations in two ways:
- Upon request, extract data for a person and remove data from that person from the installations
- Zorg ervoor dat er meer dan 48 uur geen gegevens worden bewaard.
The Microsoft Entra Connect team recommends the second option since it is much easier to implement and maintain.
A Microsoft Entra Connect Sync server stores the following user privacy data:
- Data about a person in the Microsoft Entra Connect database
- Data in the Windows Event log files that may contain information about a person
- Data in the Microsoft Entra Connect installation log files that may contain about a person
Microsoft Entra Connect customers should use the following guidelines when removing user data:
- Delete the contents of the folder that contains the Microsoft Entra Connect installation log files on a regular basis – at least every 48 hours
- This product may also create Event Logs. To learn more about Event Logs logs, please see the documentation here.
Data about a person is automatically removed from the Microsoft Entra Connect database when that person’s data is removed from the source system where it originated from. No specific action from administrators is required to be GDPR compliant. However, it does require that the Microsoft Entra Connect data is synced with your data source at least every two days.
Delete the Microsoft Entra Connect installation log file folder contents
Regularly check and delete the contents of c:\programdata\aadconnect folder – except for the PersistedState.Xml file. This file maintains the state of the previous installation of Azure A Connect and is used when an upgrade installation is performed. This file doesn't contain any data about a person and shouldn't be deleted.
Belangrijk
Do not delete the PersistedState.xml file. This file contains no user information and maintains the state of the previous installation.
You can either review and delete these files using Windows Explorer or you can use a script like the following to perform the necessary actions:
$Files = ((Get-ChildItem -Path "$env:programdata\aadconnect" -Recurse).VersionInfo).FileName
Foreach ($file in $files) {
If ($File.ToUpper() -ne "$env:programdata\aadconnect\PERSISTEDSTATE.XML".toupper()) # Do not delete this file
{Remove-Item -Path $File -Force}
}
Schedule this script to run every 48 hours
Use the following steps to schedule the script to run every 48 hours.
Save the script in a file with the extension .PS1, then open the Control Panel and click on Systems and Security.
Under the Administrative Tools heading, click on Schedule Tasks.
In Task Scheduler, right click on Task Schedule Library and click on Create Basic task…
Voer de naam voor de nieuwe taak in en klik op Volgende.
Select Daily for the task trigger and click on Next.
Set the recurrence to 2 days and click Next.
Select Start a program as the action and click on Next.
Type PowerShell in the box for the Program/script, and in box labeled Add arguments (optional), enter the full path to the script that you created earlier, then click Next.
In het volgende scherm ziet u een samenvatting van de taak die u gaat maken. Verify the values and click Finish to create the task.