Passwords don't sync for users who are moved into scope to be synced in the Azure Active Directory Sync Tool

PROBLEM
Assume that your organization is using the Azure Active Directory Sync Tool to sync your on-premises environment to Microsoft Azure Active Directory (Azure AD). However, when users in your organization who are out of scope for password hash synchronization are moved into scope for password hash synchronization, their passwords don't sync. 

For example, you experience this issue after you move users from an existing organizational unit that's being filtered to an organizational unit that's being synced.

Note This article applies to you only if you have filtering for directory synchronization configured. For more info, see Configure filtering for directory synchronization.
SOLUTION

Solution 1: Have the user change his or her password

Having the user change his or her password triggers a request to have the password synced. You must wait a few minutes for the sync to occur.

Solution 2: Reset the user password

When an admin resets a user’s password from the user's local Active Directory schema and the reset password isn't temporary, a request will be sent to have the password synced. You must wait a few minutes for the sync to occur.

Solution 3: Perform a full password sync

A full password sync will sync passwords for all users. On the computer that has the Azure Active Directory Sync Tool installed, follow these steps:
  1. Perform a full password sync for all users who are synced through directory synchronization. To do this, follow these steps:
    1. Open Windows PowerShell, type Import-Module DirSync, and then press Enter.
    2. After the Windows PowerShell session starts, run the following cmdlet:
      Set-FullPasswordSync
  2. Restart the Forefront Identity Manager Synchronization Service. To do this, follow these steps:
    1. Click Start, click Run, type services.msc, and then click OK.
    2. In the list of services, right-click Forefront Identity Manager Synchronization Service, and then click Restart.
MORE INFORMATION
Still need help? Go to the Office 365 Community website or the Azure Active Directory Forums website.
Properties

Article ID: 2915221 - Last Review: 12/22/2015 17:27:00 - Revision: 12.0

Microsoft Azure Cloud Services, Microsoft Azure Active Directory, Microsoft Office 365, Microsoft Intune, CRM Online via Office 365 E Plans, Microsoft Azure Recovery Services, Office 365 Identity Management

  • o365 o365a o365e o365m o365022013 kbgraphxlink kbgraphic KB2915221
Feedback