User passwords aren't synced, and "Password Synchronization has not been activated for this company" error is logged in Event Viewer

Applies to: Office 365

PROBLEM


After you discover that some users can't sign in to a Microsoft cloud service such as Office 365, Microsoft Intune, or Microsoft Azure, you notice that user passwords aren't being synced from your local Active Directory Domain Services (AD DS) environment to Azure Active Directory (Azure AD). When you view the Application log in Event Viewer, you see that the following event ID 6900 error is logged:
The server encountered an unexpected error while processing a password change notification:
"An error occurred. Error Code: 90. Error Description: Password Synchronization has not been activated for this company
This issue may occur if password synchronization was disabled after it was set up in the Azure AD sync appliance.

SOLUTION


To resolve this issue, enable password synchronization. To do this, take one of the following actions, as appropriate to the Azure AD sync appliance that you're running.

If you're running the Azure Active Directory Sync tool

Run the Azure Active Directory Sync Configuration Wizard, and then, on the Password Synchronization page, select the Enable Password Synchronization check box. Doing this finishes password synchronization setup and starts a full sync.

If you're running Azure AD Connect

  1. Open Windows PowerShell.
  2. Run the following commands:
    1. Import-Module ADSync 
    2. $aadcon = Get-ADSyncConnector | Where {$_.Type -eq "Extensible2"} 
    3. Set-ADSyncAADPasswordSyncState -ConnectorName $aadcon.Name -Enable $True 

MORE INFORMATION


Still need help? Go to Microsoft Community or the Azure Active Directory Forums website.