Issue:
We have a new user who can log into all O365 locally installed applications. He is not able to access office.com or log in to O365 applications on his mobile device. For some reason it seems his password is not properly replicating from local AD to O365. The user is a@domain.com. We can't see any reason on our end as to why he can access everything while on our network, but not when trying to access O365 in the cloud.
Error message.
This problem was discovered originally for one user, but I now believe passwords are not syncing for all users.
Solution:
The password heartbeat failed 10/25, so any changed passwords since then were not syncing. To resolve, Microsoft had me run a full sync by executing the PowerShell script below.
PS Script:
# Connector names exactly as shown in Synchronization Service Manager (case sensitive)
$adConnector = "<CASE SENSITIVE AD CONNECTOR NAME>"
$aadConnector = "<CASE SENSITIVE AAD CONNECTOR NAME>"
Import-Module adsync
# Load the on-premises AD connector
$c = Get-ADSyncConnector -Name $adConnector
# Build the global parameter that forces a full password sync
$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter "Microsoft.Synchronize.ForceFullPasswordSync", String, ConnectorGlobal, $null, $null, $null
$p.Value = 1
# Replace any existing copy of the parameter, then save the connector
$c.GlobalParameters.Remove($p.Name)
$c.GlobalParameters.Add($p)
$c = Add-ADSyncConnector -Connector $c
# Disable and re-enable password sync so the full sync starts
Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $false
Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $true
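A verification pass to run on the Azure AD Connect server after the full sync script. This is an added example, not part of the script Microsoft supplied. It checks that password sync is enabled again and that password sync events (ID 656 for requests, 657 for results) are being written to the Application log. The function name Get-PasswordSyncActivity and the 24-hour lookback are assumptions made for this example.

```powershell
# Added example: run on the Azure AD Connect server after the full sync script.
Import-Module ADSync

$adConnector   = "<CASE SENSITIVE AD CONNECTOR NAME>"  # same value as in the script
$lookbackHours = 24                                    # assumption: adjust as needed

# Hypothetical helper: summarises password sync state and recent event log activity.
function Get-PasswordSyncActivity {
    param([string]$SourceConnector, [int]$Hours)

    # Is password sync enabled again for this connector?
    $cfg = Get-ADSyncAADPasswordSyncConfiguration -SourceConnector $SourceConnector

    # Event 656 = password sync request, 657 = password sync result.
    $filter = @{
        LogName      = 'Application'
        ProviderName = 'Directory Synchronization'
        Id           = 656, 657
        StartTime    = (Get-Date).AddHours(-$Hours)
    }
    # Get-WinEvent raises an error when nothing matches, so suppress it and wrap in @().
    $events  = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)
    $results = @($events | Where-Object { $_.Id -eq 657 })
    $latest  = $results | Sort-Object TimeCreated -Descending | Select-Object -First 1

    [pscustomobject]@{
        SyncEnabled  = $cfg.Enabled
        Requests656  = @($events | Where-Object { $_.Id -eq 656 }).Count
        Results657   = $results.Count
        LatestResult = $latest.TimeCreated   # $null when no result events were found
    }
}

$activity = Get-PasswordSyncActivity -SourceConnector $adConnector -Hours $lookbackHours
$activity | Format-List

if (-not $activity.SyncEnabled) {
    Write-Warning "Password sync is still disabled on connector '$adConnector'."
} elseif ($activity.Results657 -eq 0) {
    Write-Warning "No password sync results logged in the last $lookbackHours hours."
}
```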