Azure AD connect force password sync

One issue with Azure AD Sync or DirSync was that the password sync can somethings stop working even if everything in the console is looking OK.

On previous versions of DIR Sync and Azure AD sync, there are PowerShell commands available to force a full password sync (See TechNet FAQ). With Azure AD Connect this PowerShell command no longer works and you have to trigger a full or incremental sync of passwords via a command line exe.

To run a sync, open PowerShell with Admin rights run the below commands.

C:Program FilesMicrosoft Azure AD SyncBinDirectorySyncClientCmd.exe initial
C:Program FilesMicrosoft Azure AD SyncBinDirectorySyncClientCmd.exe delta

The initial will run a full sync and a delta does an incremental. Its good practice to run them both.

Optionally… You can check the logs and see if an account has synced successfully.

Load Azure the Azure Synchronisation Manager and find the operation with outbound objects.

Select the user you wish to check and select the log.

The log will show the success/failure status and any additional information.

 This article was originally posted on Rafael Delgado’s SysCtr.info Blog – head over there to see more!

 

Share on Facebook
Share on Twitter
Share on LinkedIn

Related blogs

two people at desk looking at code

AOVPN DPC V4.0 is Now Live!

Today we’re very excited to announce the release of AOVPN DPC 4.0 with support for Windows 11! AOVPN Dynamic Profile Configurator is now functional with