Azure AD Sync is working but passwords are not updating

This can sometimes happen if the password hashes have not update correctly between your on premise AD server and Azure AD. To correct this you can run the below script which will force a full password sync with Azure AD.

$adConnector = “TheICTGuy.local
$aadConnector = “TheICTGuy.onmicrosoft.com – AAD
Import-Module adsync
$c = Get-ADSyncConnector -Name $adConnector
$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter “Microsoft.Synchronize.ForceFullPasswordSync”, String, ConnectorGlobal, $null, $null, $null
$p.Value = 1
$c.GlobalParameters.Remove($p.Name)
$c.GlobalParameters.Add($p)
$c = Add-ADSyncConnector -Connector $c
Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $false
Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $true

You will need to run this script on the server that has the Azure AD Connector installed substitute TheICTGuy.local for the exact name of your domain as denoted in the Operations tab when in the Operations tab when in the Synchronization Services Manager located at “C:\Program Files\Microsoft Azure AD Sync\UIShell\miisclient.exe”

TheICTGuy.onmicrosoft.com – AAD needs to be substituted with the exact name of your Azure AD tenant as denoted in Operations tab when the Synchronization Services Manager

If you found this article helpful, would you consider buying me a Coffee?