2024-07-24

recover/restore security groups in Azure

Deletion of security groups in Azure is always permanent - we can't get them back... so in case of accidental deletion in the on-premises environment we are always in ... - according to this thread.

So if you have AADC (Azure AD Connect) or something else to sync on-premises with Azure, every time an accidental deletion occurs the deleted group will be lost. Stupid. Solution for small companies.

2024-07-23

Azure AD Connect - prevent mass deletion of groups

Again we have the same problem with deleted security groups (a change in the synchronized containers; one of them has synchronized groups that are outside of the project, but very, very important groups), so how can we counteract group deletion?

Maybe I can export last runtime log?

Get-ADSyncRunProfileResult [-RunHistoryId ] [-ConnectorId ] [-RunProfileId ] [-RunNumber ] [-NumberRequested ] [-RunStepDetails] [-StepNumber ] [-WhatIf] [-Confirm] []

Get-ADSyncRunStepResult [-RunHistoryId ] [-StepHistoryId ] [-First] [-StepNumber ] [-WhatIf] [-Confirm] []

Invoke-ADSyncRunProfile -ConnectorName -RunProfileName [-Resume] []



So I must change the default synchronization cycles to my own cycles using Invoke-ADSyncRunProfile, with imports and analysis of deletions - I must stop exports to Azure when deletions of groups appear in a sync step, but can I look for pending deletions in the connector space for Azure?

Is there any interface, API? Lithnet module for PowerShell?
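
One way to build the custom cycle described above, as an added example that is not from the original post: import and synchronize, dump the pending exports of the Azure connector space with csexport.exe, and export only when no group deletion is staged. Assumptions: the connector names are placeholders, the run profile names and csexport.exe path are those of a default install, the XML element names reflect the assumed csexport /f:x layout, and the sample XML is constructed.

```powershell
function Get-PendingGroupDelete {
    param([Parameter(Mandatory)][xml]$CsExport)
    # Assumed csexport /f:x layout: <cs-object object-type="..."> holding
    # <unapplied-export><delta operation="delete"> for a staged delete.
    $xpath = "//cs-object[@object-type='group'][unapplied-export/delta[@operation='delete']]"
    foreach ($node in $CsExport.SelectNodes($xpath)) { $node.GetAttribute('cs-dn') }
}

function Invoke-GuardedSyncCycle {
    param(
        [string]$AdConnector  = 'contoso.local',                  # placeholder name
        [string]$AadConnector = 'contoso.onmicrosoft.com - AAD',  # placeholder name
        [string]$CsExportExe  = "$env:ProgramFiles\Microsoft Azure AD Sync\Bin\csexport.exe",
        [ValidateSet('Delta', 'Full')][string]$Mode = 'Delta'     # use Full after a container scope change
    )
    # The built-in scheduler must not run its own export while we hold ours back.
    Set-ADSyncScheduler -SyncCycleEnabled $false
    foreach ($step in 'Import', 'Synchronization') {
        foreach ($c in $AdConnector, $AadConnector) {
            Invoke-ADSyncRunProfile -ConnectorName $c -RunProfileName "$Mode $step" | Out-Null
        }
    }
    # Dump what is waiting to be exported to Azure (csexport will not overwrite a file).
    $dump = Join-Path $env:TEMP 'aad-pending-export.xml'
    Remove-Item $dump -ErrorAction SilentlyContinue
    & $CsExportExe $AadConnector $dump /f:x | Out-Null
    $deletes = @(Get-PendingGroupDelete -CsExport ([xml](Get-Content $dump -Raw)))
    if ($deletes.Count -gt 0) {
        Write-Warning "Export skipped: $($deletes.Count) group deletion(s) staged for Azure"
        return $deletes   # hand the DNs to the operator for review
    }
    foreach ($c in $AadConnector, $AdConnector) {
        Invoke-ADSyncRunProfile -ConnectorName $c -RunProfileName 'Export' | Out-Null
    }
}

# Constructed sample of a pending-export dump: only the first object is a group delete.
$sample = [xml]@'
<cs-objects>
  <cs-object cs-dn="CN={G1}" object-type="group"><unapplied-export><delta operation="delete" /></unapplied-export></cs-object>
  <cs-object cs-dn="CN={U1}" object-type="user"><unapplied-export><delta operation="delete" /></unapplied-export></cs-object>
  <cs-object cs-dn="CN={G2}" object-type="group"><unapplied-export><delta operation="replace" /></unapplied-export></cs-object>
</cs-objects>
'@
Get-PendingGroupDelete -CsExport $sample
```

The last line runs anywhere and lists only the group staged for deletion; Invoke-GuardedSyncCycle has to run on the sync server itself, for example from a scheduled task.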