Continuing my rant about buggy Windows Updates -- especially .NET Framework -- I've found that even the latest "fixed" .NET Framework updates still cause high CPU on AAD Connect servers.
On Windows Server 2012 R2 the offending update is 2018-07 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340558). This "quality" rollup is actually a package that contains three different .NET Framework updates:
- KB4338415 - Security and Quality Rollup updates for .NET Framework
- KB4338419 - Security and Quality Rollup updates for .NET Framework
- KB4338424 - A rollup update that is not available as a stand-alone package
It turns out that KB4338419 is the real offender: it causes a race condition in the Microsoft.Identity.Health.AadSync.MonitoringAgent.Startup.exe process. If your AAD Connect server is experiencing high CPU for this process, uninstall KB4338419 or the entire KB4340558 package.
- There are different KB packages for different OSes. Find the update that matches your OS in "installed updates".
- Uninstalling these updates requires a restart (again)
- .NET will recompile its assemblies when the computer restarts (again)
- Windows Update will recommend installing these updates again. Do not install them. Better yet, hide them so Windows Update no longer offers them.
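
Before uninstalling anything, it helps to confirm that the server has both the update and the symptom. The PowerShell below is an added example, not part of the original post: it uses the KB numbers and process name given above, assumes those KBs are listed under their own IDs by `Get-HotFix`, and uses an assumed 10-second sample window and 25% threshold.

```powershell
# Added example. KB numbers and process name come from the post above;
# the sample window and CPU threshold are assumed values, adjust as needed.
$kbs      = 'KB4338415', 'KB4338419', 'KB4338424'
$procName = 'Microsoft.Identity.Health.AadSync.MonitoringAgent.Startup'
$seconds  = 10
$limitPct = 25

# 1. Which of the bundled .NET updates are installed on this server?
$installed = Get-HotFix | Where-Object { $kbs -contains $_.HotFixID }
$installed | Select-Object HotFixID, Description, InstalledOn | Format-Table -AutoSize

# 2. Sample the monitoring agent's CPU time at the start and end of the window.
$before = Get-Process -Name $procName -ErrorAction SilentlyContinue
Start-Sleep -Seconds $seconds
$after  = Get-Process -Name $procName -ErrorAction SilentlyContinue

if (-not $before -or -not $after) {
    Write-Output "$procName was not running for the whole sample window."
}
else {
    # CPU is total processor seconds; sum in case there are several instances.
    $cpuBefore = ($before | Measure-Object -Property CPU -Sum).Sum
    $cpuAfter  = ($after  | Measure-Object -Property CPU -Sum).Sum
    $cores     = [Environment]::ProcessorCount

    # Clamp at zero in case the process restarted during the window.
    $delta = [math]::Max(0, $cpuAfter - $cpuBefore)
    $pct   = [math]::Round(($delta / $seconds / $cores) * 100, 1)
    Write-Output "$procName averaged $pct% CPU over $seconds seconds."

    # 3. Report only; the uninstall itself is left to the operator.
    if ($pct -ge $limitPct -and ($installed.HotFixID -contains 'KB4338419')) {
        Write-Output 'High CPU with KB4338419 installed. To remove it (restart needed afterwards):'
        Write-Output '  wusa.exe /uninstall /kb:4338419 /norestart'
    }
}
```

Run it from an elevated PowerShell session on the AAD Connect server; on an OS other than Server 2012 R2, replace the KB numbers with the ones that match that OS.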