Hi
We have Azure AD Connect (1.2.7) installed, and it's syncing user accounts and password hashes to 5 different domains more or less successfully. We do not use password writeback.
We have added a further domain, with the same settings as the other ones. The domain has a single 2012r2 DC.
For this domain, password sync does not work.
I think I can see a possible reason for this, but I'm not sure how to fix it. When I run the AAD Connect troubleshooting tool, it says this specific domain has password writeback enabled (the others do not say this):
Azure AD Connect Password Writeback - Status
SourceConnector:     troublesomedomain.internal
TargetConnector:     publicdomain.com - AAD
Enabled:             True
LatestHeartBeatTime: N/A
I have rerun the wizard, ensuring password writeback is off. It is. I have also run the script here to reset sync on that connector: https://social.technet.microsoft.com/wiki/contents/articles/28433.how-to-use-powershell-to-trigger-a-full-password-sync-in-azure-ad-sync.aspx
but it still says password writeback is enabled on that connector.
Any ideas on how to turn it off? I suspect that's why the password sync is not working.
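As an added diagnostic example (not from the original post and not Microsoft's script), this PowerShell snippet runs on the Azure AD Connect server and lists every AD DS connector together with its password hash sync configuration, using the ADSync module's Get-ADSyncConnector and Get-ADSyncAADPasswordSyncConfiguration cmdlets; the 'AD' connector type name and the two-hour heartbeat staleness threshold are assumptions.

```powershell
# Added example: per-connector password hash sync health check for Azure AD Connect.
# Run in an elevated PowerShell session on the Azure AD Connect server.
Import-Module ADSync

# Assumption: AD DS connectors report ConnectorTypeName 'AD'; the AAD connector does not.
$adConnectors = Get-ADSyncConnector | Where-Object { $_.ConnectorTypeName -eq 'AD' }

# Assumption: a healthy connector reports a heartbeat well within this window.
$maxHeartbeatAge = New-TimeSpan -Hours 2

foreach ($connector in $adConnectors) {
    # Output properties (SourceConnector, TargetConnector, Enabled, LatestHeartBeatTime)
    # match the status block the troubleshooting tool printed in the post.
    $config = Get-ADSyncAADPasswordSyncConfiguration -SourceConnector $connector.Name

    $heartbeat = $config.LatestHeartBeatTime -as [datetime]

    $assessment = if (-not $config.Enabled) {
        'Password hash sync is disabled for this connector'
    } elseif ($null -eq $heartbeat) {
        # No heartbeat at all usually means the sync channel never came up for this forest:
        # verify the AD DS connector account holds "Replicating Directory Changes" and
        # "Replicating Directory Changes All" on the domain and can reach the DC.
        'Enabled but no heartbeat ever received'
    } elseif ((Get-Date) - $heartbeat -gt $maxHeartbeatAge) {
        "Enabled but last heartbeat is stale ($heartbeat)"
    } else {
        'OK'
    }

    [pscustomobject]@{
        SourceConnector     = $config.SourceConnector
        TargetConnector     = $config.TargetConnector
        Enabled             = $config.Enabled
        LatestHeartBeatTime = $config.LatestHeartBeatTime
        Assessment          = $assessment
    }
}
```

Comparing the working connectors' rows against the new one shows whether the problem is the connector's own sync configuration or only the heartbeat never arriving from the new domain.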