다음을 통해 공유

AADConnect PowerShell: Manual operations

  • 아티클

Importing PowerShell Module

Import-Module ADSync

Check current sync schedule

Get-ADSyncScheduler

To set sync interval to every 3 hours

Set-AdSyncScheduler -customizedsycncecleinterval 03:00:00

**Start by telling the scheduler to stop its current cycle with the PowerShell cmdlet **

Stop-ADSyncSyncCycle

To initiate a full sync cycle, run

Start-ADSyncSyncCycle -PolicyType Initial

Force Synchronisation

It could be that you have an urgent change which must be synchronized immediately which is why you need to manually run a cycle.

Start-ADSyncSyncCycle -PolicyType Delta

To check current sync status

Get-ADSyncConnectorRunStatus 

Example,

PS C:\Users\Administrator> Start-ADSyncSyncCycle -PolicyType Delta

PS C:\Users\Administrator> Get-ADSyncConnectorRunStatus

   RunState ConnectorName   

   -------- -------------   

   Busy mfa01.onmicrosoft.com - AAD  

  

Manual sync for password

$adConnector  = "mfalab3.com"

$aadConnector = "mfa01.onmicrosoft.com - AAD"

$c = Get-ADSyncConnector -Name $adConnector

$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter “Microsoft.Synchronize.ForceFullPasswordSync”, String, ConnectorGlobal, $null, $null, $null

$p.Value = 1

$c.GlobalParameters.Remove($p.Name)

$c.GlobalParameters.Add($p)

$c = Add-ADSyncConnector -Connector $c

Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $false

Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $true 

Example

PS C:\Users\Administrator> Get-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector

SourceConnector  TargetConnector  Enabled

---------------  --------------- -------

mfalab3.com mfa01.onmicrosoft.com - AAD  False