Forum Discussion

Raghuram P's avatar
Raghuram P
Copper Contributor
Dec 05, 2018

AADConnect - Accidental Delete Prevention

Any idea how to track changes done by the following cmdlets, nothing shows up in Azure Audit logs or in Sec and Compliance log.

Enable-ADSyncExportDeletionThreshold
Disable-ADSyncExportDeletionThreshold

 

Thanks In Advance

  • Those cmdlets can be audited on the local server running the AAD Connect instance, not in O365.

    • Raghuram P's avatar
      Raghuram P
      Copper Contributor

      Thanks for your reply.

      Does this mean that "settings" are stored on the server and not in Azure AD? When these cmdlets are run, they prompt for account with GA rights, so was expecting that these values are stored in Azure AD ( tracked/audited for changes). 

      "cmdlets can be audited on the local server", refer to PowerShell module logging / process creation?

       

       

Resources