Azure AD Connect needs to be installed on a Windows Server with Desktop Experience, but this does not mean there aren’t some […] To start the installation of the Azure AD Connect Health Agent for AD FS, simply run the following command on the command line of the Server Core installation: C:\AdHealthAdfsAgentSetup.exe. When implemented, Azure AD Connect Health agent sends monitoring data from on-premises to the cloud and the data is visible from Azure AD Connect Health blade. In practical, in hybrid identity architecture most of the critical components health state can be viewed from single blade (slightly depends on scenario). Step 3. After setting up/registering the application in Azure AD you will have to use the application ID and secret in order to generate an authentication token to use against Azure management Rest API’s. Extract the zip file. It will provide you with precious information like alerts, performance, infrastructure configuration… AAD Connect Health logo This blog post will guide you through a complete installation step by step. In the Azure AD Connect Health AD FS Agent window, click the Install button. Installing the Azure AD Connect Health AD FS Agent. Get Azure AD application token. PowerShell cmdlets are available when you install Azure Windows PowerShell modules for Active Directory. Ways to check Active Directory synchronization status. The script is really easy to run, but if you don’t have much experience with PowerShell, or scripts in general, then here are the steps you can use to run this Active Directory Health Check script. Manual Azure AD Connect Health for Sync registration. I have created a basic Powershell function you can use, including an example authentication header. The Health agent uses the local system context and attempts to get a token for a self relying party. 2018-05-31 13:53:57.063 Microsoft Azure Active Directory Sync Services 2018-05-31 13:54:02.976 Aquiring Monitoring Service certificate using tenant.cert Register-AzureADConnectHealthSyncAgent : Failed configuring Monitoring Service using command: C:\Program Files\Microsoft Azure AD Connect Health … However, you can’t configure it, when using a privileged Azure Active Directory account that has multi-factor authentication enforced. If the Azure AD Connect Health for Sync agent registration fails after successfully installing Azure AD Connect, you can use the following PowerShell command to manually register the agent. Azure Active Directory Connect Azure Active Directory Connect Azure AD Connect Health for AD FS generates this alert when the Health Agent installed on an AD FS server fails to obtain a token as part of a synthetic transaction initiated by the Health Agent. Hi all, Microsoft released Azure Active Directory Connect Health, an Azure service that allow you to monitor and gain insight into the on-premises identity infrastructure. There are two ways to check synchronization status of synced users — using PowerShell cmdlets and the Azure AD Connect health tool. Download the Active Directory Health Check PowerShell script from this link. Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments and LDAP v3-compatible directories to Azure Active Directory.