Azure AD Sync is working but passwords are not updating


This can sometimes happen if the password hashes have not updated correctly between your on-premises AD server and Azure AD. To correct this, run the script below, which forces a full password sync with Azure AD.

# Exact, case-sensitive connector names (replace with your own)
$adConnector = "TheICTGuy.local"
$aadConnector = "TheICTGuy.onmicrosoft.com - AAD"
Import-Module adsync
# Set the ForceFullPasswordSync flag on the on-premises AD connector
$c = Get-ADSyncConnector -Name $adConnector
$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter "Microsoft.Synchronize.ForceFullPasswordSync", String, ConnectorGlobal, $null, $null, $null
$p.Value = 1
$c.GlobalParameters.Remove($p.Name)
$c.GlobalParameters.Add($p)
$c = Add-ADSyncConnector -Connector $c
# Disable and re-enable password sync so the full sync is triggered
Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $false
Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $true

You will need to run this script on the server that has the Azure AD Connector installed. Substitute TheICTGuy.local with the exact name of your domain as denoted in the Operations tab of the Synchronization Services Manager, located at "C:\Program Files\Microsoft Azure AD Sync\UIShell\miisclient.exe".

TheICTGuy.onmicrosoft.com - AAD needs to be substituted with the exact name of your Azure AD tenant as denoted in the Operations tab of the Synchronization Services Manager.
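
The connector names can also be read from PowerShell, and the result of the forced sync checked afterwards. The following is an added example, not part of the original script. It assumes event IDs 656 (password sync request) and 657 (password sync result) from the "Directory Synchronization" source in the Application log, as described in Microsoft's password hash sync troubleshooting documentation; the connector names are the same placeholders used above.

```powershell
# Added example: run in an elevated PowerShell session on the Azure AD Connect server.
Import-Module ADSync

# List the exact, case-sensitive connector names known to the sync engine.
$connectorNames = Get-ADSyncConnector | Select-Object -ExpandProperty Name
$connectorNames

# Placeholders: replace with the names printed above.
$adConnector  = "TheICTGuy.local"
$aadConnector = "TheICTGuy.onmicrosoft.com - AAD"

# Fail early if either name does not match exactly (case-sensitive comparison).
foreach ($name in $adConnector, $aadConnector) {
    if ($connectorNames -cnotcontains $name) {
        throw "Connector '$name' not found. Check spelling and case against the list above."
    }
}

# After running the force-sync script, confirm password sync was re-enabled.
$config = Get-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector
$config | Format-List
if (-not $config.Enabled) {
    Write-Warning "Password sync is still disabled for '$adConnector'."
}

# Look for password sync activity in the last hour (assumed event IDs 656 and 657).
$filter = @{
    LogName      = 'Application'
    ProviderName = 'Directory Synchronization'
    Id           = 656, 657
    StartTime    = (Get-Date).AddHours(-1)
}
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

if (-not $events) {
    Write-Warning "No password sync events found in the last hour. The full sync may not have started."
} else {
    # Show the first line of each event message alongside its time and ID.
    $events | Sort-Object TimeCreated |
        Select-Object -First 20 TimeCreated, Id,
            @{ Name = 'Summary'; Expression = { ($_.Message -split "`n")[0] } } |
        Format-Table -AutoSize
}
```

The event messages list the distinguished names of the synchronized accounts, so treat any exported output as directory data.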
