KnowledgeBase: High CPU Usage for Azure AD Connect Health Sync Monitor with .NET Framework 4.7.2 Installed

Smoking CPU

KnowledgeBaseToday, there is an issue in a component of Azure AD Connect version 1.1.819.0, Microsoft free Hybrid Identity bridge product, that enables you to synchronize objects and their attributes between your on-premises Active Directory Domain Services (AD DS) environment(s) and Azure Active Directory.

The Azure AD Connect Health Sync Monitor Service consumes lots of CPU.

 

About Azure AD Connect Health

Azure AD Connect Health helps administrators monitor and gain insights into their Hybrid Identity implementations. It enables you to maintain a reliable connection to Office 365 and Microsoft Online Services by providing monitoring capabilities for your key identity components:

  • Azure Active Directory Connect installations
  • Active Directory Federation Services (AD FS) servers
  • Web Application Proxies
  • Active Directory Domain Controllers

Azure AD Connect Health makes the key data points about these components easily accessible in the Azure AD Connect Health portal so performance monitoring, usage analysis, troubleshooting and gaining other important insights becomes easy.

Note:
The Azure AD Connect Health component is installed, by default, with Azure AD Connect and, by default, sends diagnostic data to Microsoft. However, an Azure AD Premium license is needed to access the Azure AD Connect Health Portal.

 

The situation

You have installed Azure AD Connect version 1.1.819.0 or your Azure AD Connect version has automatically upgraded to version 1.1.819.0, along with the auxiliary components, like Azure AD Conect’s Health Agent for Sync. Version 1.1.819.0 of Azure AD Connect comes with Health Agent for Sync version 3.0.164.

You can check these versions in Programs and Features:

Azure AD Connect's version and components in Programs and Features (click for original screenshot)

 

The issue

The Azure AD Connect Health Sync Monitoring Service with version 3.0.164 of the Health Agent for Sync (AzureADConnectHealthSyncMonitor) is always running with high CPU usage. When you stop the service and start it again, CPU usage is normal for the service for a few minutes, before it starts consuming many CPU cycles again.

Reinstalling or reregistering the Azure AD Connect Health Sync Monitoring Service does not resolve the situation.

 

The cause

Azure AD Connect Health’s Sync Monitoring Service is causing high CPU usage, because of .NET Framework 4.7.2.

 

The solution

Uninstalling the package that upgrades .NET Framework to version 4.7.2 from the Windows (Server) installation that runs Azure AD Connect solves the issue:

    • On Windows Server 2012, uninstall the Update for Microsoft Windows (KB4054542).
    • On Windows 8.1 and Windows Server 2012 R2, uninstall the Update for Microsoft Windows (KB4054566).
    • On Windows 10 Anniversary Update, Windows 10 Creators Update and Windows Server 2016, uninstall the Update for Microsoft Windows (KB4054590).
    • In Windows 10 Fall Creators Update, uninstall the Update for Microsoft Windows (KB4073120).

Note:
.NET Framework 4.7.2 is not a security release of .NET Framework, but a compatibility update…

 

Concluding

Software isn’t perfect. It has bugs and vulnerabilities, but the speed in which a software vendor remedies these brings trust. When two teams in a large software vendor, like Microsoft, create incompatibilities, this reduces trust.

Further reading

What’s new in the .NET Framework
Azure AD Connect Health Sync Monitor High CPU Usage

One Response to KnowledgeBase: High CPU Usage for Azure AD Connect Health Sync Monitor with .NET Framework 4.7.2 Installed

  1.  

    Having this issue on 2012 standard but this update is not installed????
    Did start after windows updates though
    KB4338830
    KB4338421
    KB4338418

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.