In every organization, the possibility of role changes or change of contact information can occur quite frequently. AzureAD Connect is a great tool that allows administrators to make said updates either on-premises or in cloud and will sync all changes accordingly. It can take up to 30 minutes for Azure Active Directory to update these changes when these changes are applied on the on-premises Active Directory instance and vice-versa via AzureAD Connect. It can also take up to an additional 30 minutes to then sync changes with Office 365. This post will detail steps to force AzureAD Connect to sync on command when required via PowerShell to combat the delay.
Lets begin.
- Run PowerShell
Run PowerShell
- Run the following command to install the AzureAD Sync module:
Import-Module ADSync
- Next lets review the current intervals AzureAD Connect uses to sync by running the following command.
Get-ADSyncScheduler
NOTE: The report should show intervals of 30 minute syncs and a sync policy type of Delta. A sync policy type of Initial is usually shown after AzureAD Connect's initial sync but can also be forced as detailed in the next step.
- Now run the following command to initialize the AzureAD Sync immediately.
Start-ADSyncSyncCycle -PolicyType Delta
NOTE: This will only sync current changes. Run the following command to force a complete sync but note that the length of sync time would be greatly increased.
Start-ADSyncSyncCycle -PolicyType Initial
Other customized commands can be applied to AzureAD Connect to conduct specific synchronization tasks. These additional commands are documented here: Azure AD Connect sync: Understand and customize synchronization.
Microsoft
