How to automate Azure AD Connect Directory Sync from CoreView

  • Last update on June 11th, 2025

This procedure enables remote initiation of Azure AD Connect sync cycles directly from CoreView, enhancing your hybrid environment automation and management. 

Note: Microsoft has renamed Azure Active Directory (Azure AD) to Microsoft Entra ID as of 2024. The synchronization tool is still called Azure AD Connect, and continues to connect on-premises Active Directory with Microsoft Entra ID.

 

Step 1: Create a Scheduled Task on the Azure AD Connect Server

Create a scheduled task named RunScript that executes a PowerShell script to initiate an Azure AD Connect synchronization.

PowerShell Script Example (Save as C:\Temp\ADSync.ps1):

# Load the Azure AD Connect sync module and start a delta sync cycle.
Import-Module ADSync
Start-ADSyncSyncCycle -PolicyType Delta

Scheduled task settings:

  • Name: RunScript
  • User Account: SYSTEM
  • Trigger: As needed or on a schedule (e.g., daily, hourly)
  • Conditions: Run whether the user is logged on or not
  • Privileges: Run with highest privileges

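Best Practice: Store the PowerShell script in a reliable, secured folder (e.g., C:\Temp\ADSync.ps1) and protect it using NTFS permissions. Because the task runs as SYSTEM with highest privileges, any account that can modify the script, or replace it in that folder, can run code as SYSTEM on the Azure AD Connect server, so limit write access to SYSTEM and the local Administrators group.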
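One way to apply the Step 1 settings and the NTFS best practice from an elevated PowerShell session on the Azure AD Connect server. This is an added example, not CoreView's own script; it assumes the script folder holds nothing that other accounts need, because the folder ACL is replaced as well, and the helper name Invoke-Icacls is hypothetical.

```powershell
# Added example (not from CoreView). Task name and script path mirror the article.
$TaskName   = 'RunScript'
$ScriptPath = 'C:\Temp\ADSync.ps1'
$ScriptDir  = Split-Path -Path $ScriptPath -Parent

# Well-known SIDs, used instead of names so the commands work on any OS language.
$System = '*S-1-5-18'      # NT AUTHORITY\SYSTEM
$Admins = '*S-1-5-32-544'  # BUILTIN\Administrators

# Hypothetical helper: run icacls and stop on the first failure.
function Invoke-Icacls {
    icacls.exe @args | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "icacls failed: $args" }
}

# 1. Folder: discard explicit ACEs, then drop inherited ACEs and grant full
#    control only to SYSTEM and Administrators (inherited by files and subfolders).
#    Assumption: nothing else in this folder must stay accessible to other accounts.
Invoke-Icacls $ScriptDir /reset
Invoke-Icacls $ScriptDir /inheritance:r /grant:r "${System}:(OI)(CI)(F)" "${Admins}:(OI)(CI)(F)"

# 2. Script: discard any explicit ACEs so the file inherits the folder ACL above.
Invoke-Icacls $ScriptPath /reset

# 3. Register the task as SYSTEM with highest privileges. No trigger is defined,
#    so it only runs when started on demand (for example by schtasks.exe /run).
$exe       = Join-Path $env:SystemRoot 'System32\WindowsPowerShell\v1.0\powershell.exe'
$action    = New-ScheduledTaskAction -Execute $exe `
                 -Argument "-NoProfile -NonInteractive -File `"$ScriptPath`""
$principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' `
                 -LogonType ServiceAccount -RunLevel Highest
Register-ScheduledTask -TaskName $TaskName -Action $action `
    -Principal $principal -Force | Out-Null

# 4. Review the result: effective ACL on the script and the task's run-as account.
icacls.exe $ScriptPath
Get-ScheduledTask -TaskName $TaskName |
    Select-Object TaskName, State, @{ n = 'RunAs'; e = { $_.Principal.UserId } }
```

The ACL listing in the last step should show only SYSTEM and BUILTIN\Administrators; any other entry means another account can still change what the task runs.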

Step 2: Configure Remote PowerShell Access

Enable secure remote access for CoreView to invoke the scheduled task.

On the Azure AD Connect Server:

  1. Enable PowerShell Remoting

     Enable-PSRemoting -Force

  2. Assign Permissions to CoreView Service Account
    • Add the CoreView service account to the Local Administrators group on the Azure AD Connect server.
      You can do this via:
      • Group Policy
      • Computer Management (Local Users and Groups > Administrators)
    • Verify the service account can use Remote PowerShell.

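Security Note: Grant only the minimum privileges required for proper operation. Local Administrators membership gives the account full control of the Azure AD Connect server, so use a dedicated account for this purpose rather than one shared with other services.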

 

Step 3: Create the CoreView Custom Action

Define a CoreView Custom Action to remotely execute the scheduled task and trigger the directory synchronization.

PowerShell Script Example:

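# Retrieve the AD credential stored in CoreView.
$Credentials = Get-CvADCredential
# Open a remote PowerShell session to the Azure AD Connect server.
$session = New-PSSession -ComputerName server.domain.local -Credential $Credentials
# Start the scheduled task that runs the sync script.
Invoke-Command -Session $session -ScriptBlock {
    schtasks.exe /run /tn "RunScript"
}
# Close the remote session once the task has been started.
Remove-PSSession -Session $session

  • Replace server.domain.local with your actual Azure AD Connect server hostname.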
  • Replace "RunScript" with your actual scheduled task name, if different.

How it Works:

  • Retrieves the CoreView AD credential.
  • Establishes a secure remote session with the Azure AD Connect server.
  • Launches the defined scheduled task, which runs the sync script.

Additional Tips

  • Test each step independently before integrating into CoreView.
  • Monitor scheduled task history in Windows Task Scheduler for troubleshooting.
  • Regularly review access rights and script security.

By following these steps, you streamline directory synchronization and leverage CoreView for hybrid environment automation and compliance.