Recently, 16th of February, the Azure Active Directory Connect was updated to version, with some nice features like device writeback, OU filtering during wizard and a new default sync interval. Read more about the features at the AAD Connect Version Release History.

Regarding the scheduler for AAD Connect, there is a new default sync interval, so instead of 3 hours it is 30 minutes. This scheduler is customizable and more information can be found on the Scheduler page. It is configurable by PowerShell and some commands that might come in handy are:

  • Get and Set information about the Scheduler: Get-ADSyncScheduler/Set-ADSyncScheduler
  • Run a Delta synchronization now: Start-ADSyncSyncCycle -PolicyType Delta
  • Run a Full synchronization now: Start-ADSyncSyncCycle -PolicyType Initial
  • And if you for any reason need to stop an ongoing sync: : Stop-ADSyncSyncCycle

Anyway back to my recent issue. Now it was my turn to upgrade and after the upgrade new users was synchronized but I could not logon with the password. I head over to the event log and found this error

Log Name:      Application
Source:        Directory Synchronization
Event ID:      655
Level:         Error
Failed credential provisioning ping. Error: Microsoft.MetadirectoryServices.ServerDownException: Unexpected exception thrown. Action: ProvisionCredentials, Exception: An error occurred. Error Code: 90. Error Description: Password Synchronization has not been activated for this company. — CUT —

I know this has been working before, and know there is a KB for this issue: User passwords aren’t synced, and “Password Synchronization has not been activated for this company” error is logged in Event Viewer

So with these lines of PowerShell the Password Synchronization was enabled again and problem solved quick and easy

Import-Module ADSync
$aadcon = Get-ADSyncConnector | Where {$_.Type -eq “Extensible2”}
Set-ADSyncAADPasswordSyncState -ConnectorName $aadcon.Name -Enable $True

Two other resources that are good to have close

How to troubleshoot password synchronization when using an Azure AD sync appliance

How to Use PowerShell to Trigger a Full Password Sync in Azure AD Sync