Support-Info: (CONNECTORS): Full Import on SQL Server MA is showing a large number of deletes
PRODUCTS INVOLVED
- Microsoft Identity Manager 2016 SP1
- Generic SQL Connector / SQL Management Agent
PROBLEM SCENARIO DESCRIPTION
Full Import (Stage Only) intermittently on a SQL MA showing a large number of deletes, which is unexpected. This causes deprovisioning to occur in the Identity Management Solution. Depending on how deprovisioning rules are setup, this can cause disconnected objects and/or deletions to occur on target management agents.
CAUSE
The Generic SQL Connector was referencing a SQL Server View which was being rebuilt via a SQL Server Maintenance Task occurring at the same time the Full Import (Stage Only) was running.
| NOTE | It is important to note, that if you have a Database Management Agent that points to a View (or Temporary Table) that is rebuilt, you might run into this issue as well. |
RESOLUTION
Ensure that the Full Import (Stage Only) occurs after the SQL Server Maintenance Task is completed to ensure that the accurate number of objects is represented in the connector space of the Generic SQL Connector / SQL Management Agent. In this case the schedule for SQL Maintenance Task which was rebuilding the SQL View was changed so that the task ran after the Full Import (Stage Only) was finished each day.
ADDITIONAL INFORMATION
- Generic SQL Connector Technical Reference: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-connector-genericsql
- MIM Connectors Download: https://www.microsoft.com/en-us/download/details.aspx?id=51495
Comments
- Anonymous
April 29, 2018
Don't think that this will never happen with your own FIM/MIM solution ... so before it does, look to set up a safeguard like this: https://themimteam.unifysolutions.net/user_group_meetings/disaster-avoidance/. If you're thinking there are thresholds OOTB with MA run profiles, think again - they are not enough, and you need to consider the approach discussed with ALL your sync configurations.