豆子公司是上市公司，每年都需要审计。因此离职用户的信息不能删掉，只能disable掉。有的时候，桌面需要把一个离职用户的邮件重新添加到另一个用户的别名，以便继续接收邮件。但是Office365默认配置情况下 一个已经disable掉的用户，不管怎么改他都不会继续同步，这样造成的结果就是桌面经常修改的顺序不对，造成了本地的AD已经改了，但是修改的东西不会同步到office365, 或者直接office365认为已经有记录了，拒绝添加新的记录。

鉴于桌面支持的不靠谱，豆子每天都需要看看同步状态，然后通知桌面修改。登录主界面，然后点击DirSync Errors就能看见了

冲突的smtp地址记录

如何能自动获取这个界面呢？豆子刚开始找了半天的API，始终没找到，甚至都开始打爬虫的注意了，后来终于找到了相关的命令

https://docs.microsoft.com/en-us/powershell/module/msonline/get-msoldirsyncprovisioningerror?view=azureadps-1.0

下面是完整的脚本

Get-PSSession | Remove-PSSession$username = "aaa@bbb.com"$secureStringPwd = ConvertTo-SecureString -AsPlainText "password" -Force$creds = New-Object System.Management.Automation.PSCredential -ArgumentList $username, $secureStringPwdConnect-MsolService -Credential $UserCredential$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $creds -Authentication Basic -AllowRedirectionImport-PSSession $Session$result=Get-MsolDirSyncProvisioningError | select Displayname, LastDirSyncTime, ObjectId, ObjectType, @{n='Error';e={$_.ProvisioningErrors.ErrorCategory}}, UserPrincipalName$from = "helpdesk@bbb.com"$to = "aaa@bbb.com"$smtp = "smtp.office365.com" $sub = "Office365 Sync Error" $secpasswd = ConvertTo-SecureString "Password" -AsPlainText -Force $mycreds = New-Object System.Management.Automation.PSCredential ($from, $secpasswd)$a = ""#import-csv C:\scripts\users.csv | ConvertTo-Html -Body "
 User List 
" -Head $a | out-file C:\temp\tt.html$htmlbody=$result| ConvertTo-Html -Body "
 Office365 DirSync Errors 
 
For Further details, please visit https://portal.office.com/adminportal/home#/dirsyncobjecterrors
" -Head $aSend-MailMessage -To $to -From $from -Subject $sub -Body ($htmlbody|Out-String) -Credential $mycreds -SmtpServer $smtp -DeliveryNotificationOption Never -BodyAsHtml -UseSsl -port 587 

收到邮件通知

成功之后设置一个计划任务

$settingspath='C:\users\yuan.li\Documents\GitHub\Powershell\SyncErrorNotification.ps1'if (Get-ScheduledTask -TaskName 'SyncNotification' -ErrorAction SilentlyContinue){    Unregister-ScheduledTask -TaskName 'SyncNotification' -Confirm:$false}$Action = New-ScheduledTaskAction -Execute 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' -Argument "-executionpolicy bypass -File '$settingspath'" $Trigger = New-ScheduledTaskTrigger -Daily -At '10AM'register-ScheduledTask -Action $Action -Trigger $Trigger -Settings (New-ScheduledTaskSettingsSet -Compatibility Win8) -User 'aa' -Password 'pass' -RunLevel Highest -TaskName 'SyncNotification'Start-ScheduledTask -TaskName 'SyncNotification

结果如下