Azure AD Connect force password sync

One issue with Azure AD Sync or DirSync is that the password sync can sometimes stop working even if everything in the console looks OK.

In previous versions of DirSync and Azure AD Sync, PowerShell commands were available to force a full password sync (see the TechNet FAQ). With Azure AD Connect these PowerShell commands no longer work, and you have to trigger a full or incremental sync of passwords via a command-line exe.

To run a sync, open PowerShell with Admin rights and run the commands below.

& "C:\Program Files\Microsoft Azure AD Sync\Bin\DirectorySyncClientCmd.exe" initial
& "C:\Program Files\Microsoft Azure AD Sync\Bin\DirectorySyncClientCmd.exe" delta

The initial option runs a full sync and delta runs an incremental sync. It's good practice to run them both.

Optionally, you can check the logs to see whether an account has synced successfully.

Load the Azure Synchronisation Manager and find the operation with outbound objects.

Select the user you wish to check and select the log.

The log will show the success/failure status and any additional information.
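The steps above can also be scripted so that a silent failure is easier to spot. The following is an added example, not code from the original post: it runs both sync modes in order and then lists recent password sync events from the Windows Application log. It assumes that a non-zero exit code means the run failed, and that password sync activity is logged by the "Directory Synchronization" source as event 656 (request) and 657 (result); confirm both on your own server.

```powershell
# Added example, not from the original post. Run from an elevated PowerShell
# session on the server where the sync client is installed.
$cmd = 'C:\Program Files\Microsoft Azure AD Sync\Bin\DirectorySyncClientCmd.exe'
if (-not (Test-Path -LiteralPath $cmd)) {
    throw "Sync client not found at $cmd"
}

# Full sync first, then incremental, as in the steps above.
foreach ($mode in 'initial', 'delta') {
    Write-Host "Running $mode sync..."
    & $cmd $mode
    # Assumption: a non-zero exit code means the run failed.
    if ($LASTEXITCODE -ne 0) {
        throw "$mode sync exited with code $LASTEXITCODE"
    }
}

# Assumption: password sync requests and results are written to the
# Application log by the 'Directory Synchronization' source as events
# 656 (request) and 657 (result). Adjust if your version logs differently.
$filter = @{
    LogName      = 'Application'
    ProviderName = 'Directory Synchronization'
    Id           = 656, 657
    StartTime    = (Get-Date).AddHours(-1)   # look back one hour
}
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

if (-not $events) {
    # An empty result is the symptom described above: the console looks
    # fine but no password changes are being processed.
    Write-Warning 'No password sync events in the last hour. Re-check in a few minutes before concluding.'
} else {
    # Show the first line of each message; open the full event for
    # per-account success/failure details.
    $events | Sort-Object TimeCreated |
        Select-Object TimeCreated, Id,
            @{ Name = 'Summary'; Expression = { ($_.Message -split "`r?`n")[0] } } |
        Format-Table -AutoSize -Wrap
}
```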

 This article was originally posted on Rafael Delgado’s SysCtr.info Blog – head over there to see more!

 
