in Operating Systems

Unable to synchronize Passwords to Azure AD (Office 365)

We’re currently preparing to move our on-premise Exchange server to the Office 365 environment. We ordered the licenses already and we’re ready to create the users in the Azure AD. Obviously we aren’t making this a manual process, this will be automated. To do so we will use the tool supplied by Microsoft called the Azure Connect AD. Unfortunately I came across an issue that after a while the users are synchronized, but the passwords of the corresponding users won’t by synced at the same time or even worse: not at all. The Office 365 ‘dirsync’ panel stated the passwords haven’t been synced for over 3 days. Being unable to synchronize passwords means people can not log-in to the Office Portal with the credentials of your on-premise AD.

I dived in this problem and apparently the sync tool couldn’t sync some of the custom attributes that we’re created. An example: we installed a tool to display user pictures / profile pictures when logging in, the tool created some attributes to store the information of the location of these images. Somehow the Azure AD Connect tool couldn’t sync these attributes.

To solve this, open the ‘Synchronization Service’ program. This program is installed when installing Azure AD Connect, so there is no need to install new software. This tool helps your to synchronize passwords and user data.

SyncService

Once to program is open, you’re in the ‘Operations’ tab, click the ‘Connectors’ tab. You will see 2 connectors, one for your on-premise AD, and one for your Azure AD. Right click the first Connector and select ‘properties’.

Sync Service Connectors

A new windows opens, select ‘Select Attributes’. You will now see a list of your attributes of your AD, to make sure you see all the attributes, select the checkbox ‘Show All’. I recommend to check which attributes are created by the third-party software you’re using, uncheck these attributes and click ‘OK’.

Now select your other connector and uncheck the same attributes as you did in the previous step. Click ‘OK’ once again and let both the connectors run by either right clicking both connectors and select ‘Run’, or by using the Azure AD Connect tool to do a manual synchronization. Both tools may take some time to synchronize depending on the size of your AD.

Log-in to your Office 365 administrator panel and check the DirSync panel once again, it should show that your Directory and Password sync have been updated a few minutes ago.

DirSync Status

Related Posts