KelvinTegelaar/adsync monitor.ps1

## adsync monitor.ps1
######### Secrets #########
$ApplicationId = 'AppID'
$ApplicationSecret = 'Appsecret' | ConvertTo-SecureString -Force -AsPlainText
$TenantID = 'TenantID'
$RefreshToken = 'RefreshToken'
$ExchangeRefreshToken = 'ExchangeRefreshtoken'
$UPN = 'Upnusedtogeneratetokens'
$Skiplist = "One.onmicrosoft.com", "Two.onmicrosoft.com"
######### Secrets #########
$credential = New-Object System.Management.Automation.PSCredential($ApplicationId, $ApplicationSecret)

Try {
    $aadGraphToken = New-PartnerAccessToken -ApplicationId $ApplicationId -Credential $credential -RefreshToken $refreshToken -Scopes 'https://graph.windows.net/.default' -ServicePrincipal
    $graphToken = New-PartnerAccessToken -ApplicationId $ApplicationId -Credential $credential -RefreshToken $refreshToken -Scopes 'https://graph.microsoft.com/.default'
}
catch {
    write-host "Could not get tokens: $($_.Exception.Message)"
    exit 1
}
Connect-MsolService -AdGraphAccessToken $aadGraphToken.AccessToken -MsGraphAccessToken $graphToken.AccessToken

$customers = Get-MsolPartnerContract -All | Where-Object { $_.DefaultDomainName -notin $skiplist }
$AlertingTime = (Get-Date).AddHours(-24)

$SyncState = foreach ($client in $customers) {
    Write-host "Getting dirsync information for $($client.Name)"
$SyncTimes = Get-MsolCompanyInformation -TenantId $client.TenantId

if($SyncTimes.LastPasswordSyncTime -le $AlertingTime -and $null -ne $SyncTimes.LastPasswordSyncTime){ "$($client.Name): Passwords have not been synced for 24 hours or more." }
if($SyncTimes.LastDirSyncTime -le $AlertingTime -and $null -ne $SyncTimes.LastPasswordSyncTime){ "$($client.Name): Directory has not been synced for 24 hours or more." }
}


if (!$SyncState) {
    write-host 'Healthy'
}
else {
    write-host "Unhealthy. Please check diagnostic data"
    exit 1
}
	######### Secrets #########
	$ApplicationId = 'AppID'
	$ApplicationSecret = 'Appsecret' \| ConvertTo-SecureString -Force -AsPlainText
	$TenantID = 'TenantID'
	$RefreshToken = 'RefreshToken'
	$ExchangeRefreshToken = 'ExchangeRefreshtoken'
	$UPN = 'Upnusedtogeneratetokens'
	$Skiplist = "One.onmicrosoft.com", "Two.onmicrosoft.com"
	######### Secrets #########
	$credential = New-Object System.Management.Automation.PSCredential($ApplicationId, $ApplicationSecret)

	Try {
	$aadGraphToken = New-PartnerAccessToken -ApplicationId $ApplicationId -Credential $credential -RefreshToken $refreshToken -Scopes 'https://graph.windows.net/.default' -ServicePrincipal
	$graphToken = New-PartnerAccessToken -ApplicationId $ApplicationId -Credential $credential -RefreshToken $refreshToken -Scopes 'https://graph.microsoft.com/.default'
	}
	catch {
	write-host "Could not get tokens: $($_.Exception.Message)"
	exit 1
	}
	Connect-MsolService -AdGraphAccessToken $aadGraphToken.AccessToken -MsGraphAccessToken $graphToken.AccessToken

	$customers = Get-MsolPartnerContract -All \| Where-Object { $_.DefaultDomainName -notin $skiplist }
	$AlertingTime = (Get-Date).AddHours(-24)

	$SyncState = foreach ($client in $customers) {
	Write-host "Getting dirsync information for $($client.Name)"
	$SyncTimes = Get-MsolCompanyInformation -TenantId $client.TenantId

	if($SyncTimes.LastPasswordSyncTime -le $AlertingTime -and $null -ne $SyncTimes.LastPasswordSyncTime){ "$($client.Name): Passwords have not been synced for 24 hours or more." }
	if($SyncTimes.LastDirSyncTime -le $AlertingTime -and $null -ne $SyncTimes.LastPasswordSyncTime){ "$($client.Name): Directory has not been synced for 24 hours or more." }
	}


	if (!$SyncState) {
	write-host 'Healthy'
	}
	else {
	write-host "Unhealthy. Please check diagnostic data"
	exit 1
	}