Forum Discussion
Users are AD synced, but not able to sync password
On your screenshot from the list of users in Entra ID you can see the column "On-premises sync enabled" and the status for each user. One possible cause for the inconsistencies you're describing would be that some users are getting synced and some are not.
When you can't reset the password from Entra ID, check if the status of the on-premise sync is enabled. When checking the password reset from the M365 admin center, make sure to check for the exact same user's UPN that you're checking it in Entra ID with.
You would need to check if the users whose "On-premises sync enabled" status is set to "no" are in the correct OU in your AD that is scoped to sync with Entra.
If they are in the same OU, check if there are any other sync filters / rules preventing some users from syncing.
Check the Entra Connect Health status for errors. URL of the blade in Entra ID: https://entra.microsoft.com/#view/Microsoft_Azure_ADHybridHealth/AadHealthMenuBlade/~/SyncErrors
Common causes for sync conflicts are UPNs and primary SMTP address attributes.
I recommend reproducing the sync issue with a test account and then going through steps that could resolve it, with minimizing user interruptions first.
Also, when all the sync conflicts are resolved and all users are only using one password, you can then configure password writeback. As the name implies this enables the password change in Entra ID to be written back to AD. But I wouldn't go forward with this configuration if there are still users who are not synced but should be, this seems to me like the more pressing issue.
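
The checks described in the reply above (sync status, OU scope, duplicate UPN or primary SMTP values), as an added example that is not part of the original post. The OU path, the `example.com` accounts and the `Get-PrimarySmtp` helper are assumptions made for illustration, and the sample objects are constructed so the script runs without a directory.

```powershell
# Constructed sample data. On a real system, fill the two variables with:
#   $adUsers    = Get-ADUser -Filter * -Properties proxyAddresses
#   $entraUsers = Get-MgUser -All -Property 'userPrincipalName,onPremisesSyncEnabled'
$SyncedOu = 'OU=SyncedUsers,DC=example,DC=com'   # ASSUMPTION: placeholder DN of the scoped OU

$adUsers = @(
    [pscustomobject]@{ SamAccountName = 'alice'; UserPrincipalName = 'alice@example.com'
        DistinguishedName = 'CN=Alice,OU=SyncedUsers,DC=example,DC=com'
        proxyAddresses = @('SMTP:alice@example.com', 'smtp:a.old@example.com') }
    [pscustomobject]@{ SamAccountName = 'bob'; UserPrincipalName = 'bob@example.com'
        DistinguishedName = 'CN=Bob,OU=Staff,DC=example,DC=com'
        proxyAddresses = @('SMTP:bob@example.com') }
    [pscustomobject]@{ SamAccountName = 'carol'; UserPrincipalName = 'carol@example.com'
        DistinguishedName = 'CN=Carol,OU=SyncedUsers,DC=example,DC=com'
        proxyAddresses = @('SMTP:alice@example.com') }
)
$entraUsers = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@example.com'; OnPremisesSyncEnabled = $true }
    [pscustomobject]@{ UserPrincipalName = 'bob@example.com';   OnPremisesSyncEnabled = $null }
    [pscustomobject]@{ UserPrincipalName = 'carol@example.com'; OnPremisesSyncEnabled = $null }
    [pscustomobject]@{ UserPrincipalName = 'dave@example.com';  OnPremisesSyncEnabled = $null }
)

# The primary SMTP address is the proxyAddresses entry with the upper-case "SMTP:" prefix.
function Get-PrimarySmtp($User) {
    $User.proxyAddresses | Where-Object { $_ -clike 'SMTP:*' } | Select-Object -First 1
}

# 1. Entra accounts not marked as synced: is there an AD account, and is it under the scoped OU?
#    ASSUMPTION: AD and Entra accounts are matched on UPN.
$notSynced = $entraUsers | Where-Object { $_.OnPremisesSyncEnabled -ne $true }
foreach ($u in $notSynced) {
    $ad = $adUsers | Where-Object { $_.UserPrincipalName -eq $u.UserPrincipalName }
    [pscustomobject]@{
        UserPrincipalName = $u.UserPrincipalName
        FoundInAD         = [bool]$ad
        InSyncedOu        = [bool]($ad | Where-Object { $_.DistinguishedName -like "*,$SyncedOu" })
    }
}

# 2. Duplicate UPN or primary SMTP values in AD, the attributes named above as conflict sources.
$groups  = @($adUsers | Group-Object UserPrincipalName)
$groups += @($adUsers | Group-Object { Get-PrimarySmtp $_ })
foreach ($g in $groups) {
    if ($g.Name -and $g.Count -gt 1) {
        'Duplicate value {0}: {1}' -f $g.Name, ($g.Group.SamAccountName -join ', ')
    }
}
```

An account that is found in AD and sits under the scoped OU but still is not synced points at a sync filter or an attribute conflict rather than at OU placement.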