Force sync Azure AD Connect with PowerShell

We made urgent changes in the on-premises AD objects, and we like to have them synced with Azure AD. By default, every 30 minutes, a synchronization cycle is run. We can wait for 30 minutes or force synchronize the changes manually. Let’s go with option two and force sync Azure AD Connect with PowerShell.

Table of contents

Find Azure AD Connect server

How to know on which server Azure AD Connect is installed? Find the server with Windows PowerShell or in Microsoft Azure Portal.

Windows PowerShell

Start PowerShell as administrator. Make sure that you have privileges to search in Active Directory. After running the cmdlet, we know that AAD Connect is installed on Windows Server DC02.

PS C:\> Get-ADUser -LDAPFilter "(description=*configured to synchronize to tenant*)" -Properties description | % { $_.description.SubString(142, $_.description.IndexOf(" ", 142) -142)}
DC02

Suppose you did create an AD DS Connector account instead of the default AD DS Connector account when installing Azure AD Connect. It will not show the Azure AD Connect server with the above PowerShell cmdlet. Go through the next step and locate the Azure AD Connect server.

Microsoft Azure Portal

To find the Azure AD Connect server, follow these steps:

  1. Sign in to Microsoft Azure Portal
  2. Click on Menu > Azure Active Directory
  3. Select Azure AD Connect > Azure AD Connect Health
  4. Click on Sync services > Service name

The picture below shows that Azure Active Directory Connect Server is installed on Windows Server DC02.

Force sync Azure AD Connect with PowerShell Azure

Read more: How to find Azure AD Connect server »

Azure AD Connect scheduler configuration

Check the scheduler configuration. Sign in to the Windows Server, where you have the Azure AD connect installed. Start PowerShell as administrator and run Import-Module ADSync. Follow with the Get-ADSyncScheduler cmdlet.

PS C:\> Import-Module ADSync

PS C:\> Get-ADSyncScheduler


AllowedSyncCycleInterval            : 00:30:00
CurrentlyEffectiveSyncCycleInterval : 00:30:00
CustomizedSyncCycleInterval         : 
NextSyncCyclePolicyType             : Delta
NextSyncCycleStartTimeInUTC         : 19-8-2020 10:30:00
PurgeRunHistoryInterval             : 7.00:00:00
SyncCycleEnabled                    : True
MaintenanceEnabled                  : True
StagingModeEnabled                  : False
SchedulerSuspended                  : False
SyncCycleInProgress                 : False

What if you don’t want to sign in to the server where Azure AD Connect is installed? We can run the cmdlets in PowerShell from another server.

For example, we are on the Management Server MG01. Run the Enter-PSSession cmdlet to connect to the server DC02. In the end, run the Exit-PSSesion cmdlet to exit the interactive session.

PS C:\> Import-Module ADSync

PS C:\> Enter-PSSession -ComputerName DC02
[DC02]: PS C:\> Get-ADSyncScheduler


AllowedSyncCycleInterval            : 00:30:00
CurrentlyEffectiveSyncCycleInterval : 00:30:00
CustomizedSyncCycleInterval         : 
NextSyncCyclePolicyType             : Delta
NextSyncCycleStartTimeInUTC         : 19-8-2020 10:30:00
PurgeRunHistoryInterval             : 7.00:00:00
SyncCycleEnabled                    : True
MaintenanceEnabled                  : True
StagingModeEnabled                  : False
SchedulerSuspended                  : False
SyncCycleInProgress                 : False

In the next step, we will run the cmdlets to force sync Azure AD Connect.

Force sync Azure AD (delta sync cycle)

The delta sync will only sync the changes from AD on-premises to Azure AD.

PS C:\> Start-ADSyncSyncCycle -PolicyType Delta

Result
------
Success

Force sync Azure AD (initial sync cycle)

The initial sync will fully sync from AD on-premises to Azure AD. However, remember that the initial sync can take longer than the delta sync.

PS C:\> Start-ADSyncSyncCycle -PolicyType Initial

Result
------
Success

Azure AD Connect disable scheduler

Disable the Azure AD Connect sync scheduler if you have many changes on-premises. That will let the scheduler not kick in. When done, enable Azure AD Connect sync scheduler.

PS C:\> Set-ADSyncScheduler -SyncCycleEnabled $false

PS C:\> Set-ADSyncScheduler -SyncCycleEnabled $true

Did this article help you to force sync Azure AD Connect with PowerShell?

Keep reading: Find Azure AD Connect accounts »

Conclusion

You learned how to force sync Azure AD Connect with PowerShell. The default sync is 30 minutes, but that doesn’t mean that we can’t force it. Make use of the Delta and Initial sync cmdlets. Microsoft did write an excellent document about the Azure AD Connect sync scheduler.

Did you enjoy this article? You may also like Migrate Azure AD Connect to new server. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

TwitterLinkedIn

What Others Are Reading

This Post Has 0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *