Despite the current versions of Azure AD Connect running the main synchronisation task every 30 minutes, there are still times when we want to force the task. As a result of this, a question was floated if that changed the existing schedule. If the next scheduled instance is in 10 minutes, and we run a manual task right now does that mean that another task will execute in 10 minutes?
TL;DR
In short – no.
Let's have a quick look at an example deployment and review the how the Azure AD Connect scheduler is altered after running a manual task.
Starting Schedule
The below is Azure AD Connect version 1.5.45.0 on Windows Server 2016. MIISClient.exe is used to look at the run history.
"C:\Program Files\Microsoft Azure AD Sync\UIShell\miisclient.exe"
Note that the tasks are running every 30 minutes at roughly 08 and 28 minutes after the hour.
Run Manual Delta Sync
Then we kick off a manual delta sync to push up some modifications to Azure AD.
Start-ADSyncCycle –PolicyType Delta
This manual tasks was initiated at 15:04, and the individual run elements are shown at the top in this image:
The task completes in the same minute – 15:04 as this is a small test lab.
Changes to Scheduler
Now that the one time manual task has completed, lets take a look at the Azure AD Connect scheduler to see the next start time.
Get-ADSyncScheduler
Note that the next start time is 30 minutes from now, at 15:04.
If we wait and monitor the subsequent tasks you will see that the timing has been adjusted. They now run 04 and 34 minutes after the hour.
The highlighted line is the last occurrence on the previous schedule.
This pattern is consistent. If we check back after a four days, the same behaviour is observed. The manual task has adjusted future scheduling.
Bootnote
Note that we are looking at the main Azure AD Connect synchronisation process. There is a second aspect which is used as part of Password Hash Sync (PHS) and has a separate cadence. PHS is performed every two minutes so that changes to passwords are processed in near real time.
You may also recall there there have been a series of changes to the mechanism used for the scheduling aspect. This evolved as we went from DirSync, to Azure AD Sync to Azure AD Connect. Previously external configuration on the timing was used and also Windows Scheduled Tasks. Nowadays the scheduler is built into the core product and is managed and operated directly from Azure AD Connect.
The scheduler is responsible for object & attribute sync in addition to also executing maintenance tasks. The maintenance tasks include purging old entries in the run history, renewing keys and certificates for password reset and Device Registration Service.
It is also expected that Azure AD Connect is set to synchronise at least once every 7 days, else a full sync will be required. Not a major issue in a small deployment, but this can take significant time at scale.
Cheers,
Rhoderick
