Office 365 – DirSync now includes feature to avoid mass deletion

With the Office 365 May update, one improvement is related to the Directory Synchronization tool which now include a feature to avoid mass deletion.

This feature can be important to limit the impact of administration mistakes, such as deleting the OU hosting all the user accounts.

To take advantage of this new feature, you must run the DirSync tool in version 6765.0006 or later.

Once you are running the correct version, just open the DirSyncConfigShell.psc1 (located below the %programfiles%\Windows Azure Active Directory Sync directory) (as usual, use the Run As Administrator Smile) and execute the following command Set-PreventAccidentalDeletes -Enable –ObjectDeletionThreshold <Integer> – replace Integer with the threshold value to stop the synchronization. If the number of item reach or is bigger than the threshold, you will receive a notification email.

You will be asked to enter your Office 365 administrative credential

image 

The following message will be displayed after successfully applying the setting

PreventAccidentalDeletes was enabled for your company in Azure Active Directory

image 

Then you will have to go to your DirSync server, open the console (miisclient.exe located %programfiles%\Windows Azure Active Directory Sync\SYNCBUS\Synchronization Service\UIShell) to check what happen. If you are happy with the deletion, just run Set-PreventAccidentalDeletes –Disable from the DirSyncConfigShell.psc1 and execute a full synchronization; if you are not happy, just restore the delete items from the directory.

Off course, if you have disabled the threshold to acknowledge a mass deletion, you will have to redefine the value after.

Here is a sample of the notification email

image 

When disabling the option

image 

Check the DirSync version

to check the version of DirSync you are currently running, just go the %programfiles%\Windows Azure Active Directory Sync directory, right click on the ConfigWizard.exe file and check the version

Leave a Comment

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.