-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathcheck_azureadconnectsync.ps1
53 lines (47 loc) · 1.62 KB
/
check_azureadconnectsync.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<#
.SYNOPSIS
Check Azure AD Connect Sync.
.DESCRIPTION
Check Azure AD Connect Sync status and returns Nagios output and code.
.PARAMETER Hours
Hours since the last synchronization.
Default: 3
.OUTPUTS
OK: Azure AD Connect Sync sync cycle enabled and not synced within last -Hours.
WARNING: Azure AD Connect Sync sync cycle enabled and not synced within last -Hours.
CRITICAL: Azure AD Connect Sync sync cycle not enabled.
.NOTES
Author: Juan Granados
#>
Param(
[Parameter(Mandatory=$false,Position=0)]
[ValidateNotNullOrEmpty()]
[int]$Hours=3
)
$Output = ""
$ExitCode = 0
$pingEvents = Get-EventLog -LogName "Application" -Source "Directory Synchronization" -InstanceId 654 -After (Get-Date).AddHours(-$($Hours)) -ErrorAction SilentlyContinue |
Sort-Object { $_.Time } -Descending
if ($pingEvents -ne $null) {
$Output = "Latest heart beat event (within last $($Hours) hours). Time $($pingEvents[0].TimeWritten)."
} else {
$Output = "No ping event found within last $($Hours) hours."
$ExitCode = 1
}
$ADSyncScheduler = Get-ADSyncScheduler
if (!$ADSyncScheduler.SyncCycleEnabled) {
$ExitCode = 2
}
if ($ADSyncScheduler.StagingModeEnabled) {
$Output = "Server is in stand by mode. $($Output)"
} else {
$Output = "Server is in active mode. $($Output)"
}
if ($ExitCode -eq 0) {
Write-Host "OK: Azure AD Connect Sync is up and running. $($Output)"
} elseif ($ExitCode -eq 1) {
Write-Host "WARNING: Azure AD Connect Sync is enabled, but not syncing. $($Output)"
} elseif ($ExitCode -eq 2) {
Write-Host "CRITICAL: Azure AD Connect Sync is disabled. $($Output)"
}
Exit($ExitCode)