SCCM – Unable to delete Azure AD applications configured in SCCM

As you know, System Center Configuration Manager Current Branch (SCCM also known now as Endpoint Configuration Manager Current Branch) you can attach (tenant/cloud attach) your SCCM environment to Azure AD/Intune for implementing co-management and/or cloud services such as Desktop Analytics.

Well since  this feature has been introduce quite some time ago, the Azure Services you can use has been evolving a lot with services being deprecated – by the way Desktop Analytics is going to be.

If you have been using these Azure Services you may still have some of these deprecated services like OMS Connector (or it may have been already deleted).

These services when configured also created references under the Azure Active Directory Tenants of the Administration workspace referencing the related Azure AD applications.

In some situation you may ended to still have some Azure AD applications referenced there but you can not delete them because “The Azure tenant you are about to delete has one or more associated Azure services” while there is no more related Azure Service configured

image

The following actions have been provided by Microsoft Support and involve running SQL queries – this means do a backup before running them just in case.

The first query will list the Azure AD applications referenced in your environment; this will give you the ClientID you will need to use with the second query to delete the application

SELECT AE.ID, AE.ClientID, AE.Name [App Name], AE.IsClientApp, AE.IdentifierUri, AER.IsTombstoned, ACS.Name [Azure Service Name]

FROM AAD_Application_Ex AE

LEFT JOIN AAD_CloudServiceApplicationRelations AER ON AER.AADApplicationID = AE.ID

LEFT JOIN Azure_CloudService ACS ON ACS.ID = AER.ID

image

Now you have the ClientID you can run the below query to delete the application

DELETE FROM AAD_Application_Ex WHERE ClientID = ‘<the ClientID value from the previous query’

image

That’s it the application is now deleted and your SCCM environment is now cleaner.

Leave a Comment

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.