AD-Connect : Force full sync of passwords

Get the names of these from your AD-Connect server, under the connections tab, the names are case sensitive:

 $adConnector = "active directory name"

$aadConnector = "aad directory name"

Then this is the script:

 $adConnector = "<CASE SENSITIVE AD CONNECTOR NAME>"

$aadConnector = "<CASE SENSITIVE AAD CONNECTOR NAME>"

Import-Module adsync

$c = Get-ADSyncConnector -Name $adConnector

$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter "Microsoft.Synchronize.ForceFullPasswordSync", String, ConnectorGlobal, $null, $null, $null

$p.Value = 1

$c.GlobalParameters.Remove($p.Name)

$c.GlobalParameters.Add($p)

$c = Add-ADSyncConnector -Connector $c

Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $false

Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $true

Previous Post Next Post

نموذج الاتصال