Edit

Share via

Get-EntraDirSyncFeature

  • Reference
Module:
Microsoft.Graph.Entra

Checks the status of directory synchronization features for a tenant.

Syntax

Get-EntraDirSyncFeature
   [-TenantId <String>]
   [-Feature <String>]
   [<CommonParameters>]

Description

The Get-EntraDirSyncFeature cmdlet checks the status of directory synchronization features for a tenant.

Some of the features that can be used with this cmdlet include:

  • DeviceWriteback
  • DirectoryExtensions
  • DuplicateProxyAddressResiliency
  • DuplicateUPNResiliency
  • EnableSoftMatchOnUpn
  • PasswordSync
  • SynchronizeUpnForManagedUsers
  • UnifiedGroupWriteback
  • UserWriteback

The cmdlet can be run without specifying any features, in which case it returns a list of all features and their enabled or disabled status.

For delegated scenarios, the user needs to be assigned the Global Administrator role.

Examples

Example 1: Return a list of all directory synchronization features

Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All'
Get-EntraDirSyncFeature

Enabled DirSyncFeature
------- --------------
  False BlockCloudObjectTakeoverThroughHardMatch
  False BlockSoftMatch
  False BypassDirSyncOverrides
  False CloudPasswordPolicyForPasswordSyncedUsers
  False ConcurrentCredentialUpdate
   True ConcurrentOrgIdProvisioning
  False DeviceWriteback
  False DirectoryExtensions
  False FopeConflictResolution
  False GroupWriteBack
  False PasswordSync
  False PasswordWriteback
   True QuarantineUponProxyAddressesConflict
   True QuarantineUponUpnConflict
   True SoftMatchOnUpn
   True SynchronizeUpnForManagedUsers
  False UnifiedGroupWriteback
  False UserForcePasswordChangeOnLogon
  False UserWriteback

This example gets a list of all directory synchronization features and shows if they are enabled (True) or disabled (False).

Example 2: Return the PasswordSync feature status

Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All'
Get-EntraDirSyncFeature -Feature 'PasswordSync'

Enabled DirSyncFeature
------- --------------
  False PasswordSync

This example shows if PasswordSync is enabled (True) or disabled (False) for the tenant.

  • -Feature specifies the directory synchronization feature to check the status of.

Parameters

-Feature

The directory synchronization feature to check the status of.

Type:System.String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-TenantId

The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users.

Type:System.String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False