Sync passwords between AD domains using PowerShell

Step 1: Install and import the required modules

Ensure the Active Directory module is installed and loaded by running the commands below. This allows PowerShell to interact with AD. The ADSync module used in Step 4 ships with Azure AD Connect and is available on the Azure AD Connect server.

Import-Module ActiveDirectory
Import-Module ADSync

Step 2: Configure trust between AD domains

For password synchronization to work, both domains must trust each other. The command below creates a two-way trust between domainA.com and domainB.com; run it from a domain controller or a workstation with the AD DS tools installed, and netdom will prompt for credentials in the trusted domain if they are not supplied.

netdom trust domainA.com /Domain:domainB.com /Add /TwoWay

Step 3: Enable password replication

Allow password changes to replicate. Azure AD Connect picks up password changes through password hash synchronization on the connector for domainA.com; the command below enables it. The target connector name is a placeholder and must match the case-sensitive connector name shown by Get-ADSyncConnector in your environment.

Set-ADSyncAADPasswordSyncConfiguration -SourceConnector "domainA.com" -TargetConnector "<tenant>.onmicrosoft.com - AAD" -Enable $true

Step 4: Sync passwords manually

Trigger an immediate password sync using the command below. A delta cycle processes only the changes made since the last cycle instead of running a full sync.

Start-ADSyncSyncCycle -PolicyType Delta
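Putting the four steps together, as an added example that is not part of the original article: a readiness check that confirms the trust direction, the password hash sync setting and the scheduler state before starting the delta sync. It assumes it runs on the Azure AD Connect server with the ADSync module available, and the function name Test-PasswordSyncReadiness and the domain names are placeholders chosen here.

```powershell
# Added example (not from the original article): verify trust and password hash sync
# state before triggering a delta sync. Assumes it runs on the Azure AD Connect server.
Import-Module ActiveDirectory
Import-Module ADSync

$SourceDomain  = "domainA.com"   # placeholder: connector name of the source domain
$TrustedDomain = "domainB.com"   # placeholder: the domain the trust points to

function Test-PasswordSyncReadiness {
    $ok = $true

    # 1. The trust must exist and be two-way for the scenario in this article.
    $trust = Get-ADTrust -Filter "Name -eq '$TrustedDomain'" -ErrorAction SilentlyContinue
    if (-not $trust) {
        Write-Warning "No trust to $TrustedDomain found."
        $ok = $false
    } elseif ($trust.Direction -ne 'BiDirectional') {
        Write-Warning "Trust to $TrustedDomain is $($trust.Direction), not BiDirectional."
        $ok = $false
    }

    # 2. Password hash sync must be enabled on the source connector.
    $phs = Get-ADSyncAADPasswordSyncConfiguration -SourceConnector $SourceDomain
    if (-not $phs.Enabled) {
        Write-Warning "Password hash sync is disabled for connector $SourceDomain."
        $ok = $false
    }

    # 3. Do not start a new cycle while one is already running.
    $sched = Get-ADSyncScheduler
    if ($sched.SyncCycleInProgress) {
        Write-Warning "A sync cycle is already in progress; try again later."
        $ok = $false
    }

    return $ok
}

if (Test-PasswordSyncReadiness) {
    Start-ADSyncSyncCycle -PolicyType Delta
    # Inspect the connector run status once the cycle completes.
    Get-ADSyncConnectorRunStatus
} else {
    Write-Host "Readiness check failed; delta sync not started."
}
```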

FAQs

1. How can I manually trigger password synchronization between AD domains?

Manually trigger password synchronization using the command below. This forces synchronization of changed passwords between domains.

Start-ADSyncSyncCycle -PolicyType Delta

2. How do I check if password sync is enabled?

Check if password sync is enabled by running the script below. If an AD connector exists, sync is enabled.

Get-ADSyncConnector | Select-Object Name, Type

3. Can I sync passwords between two different forests?

Yes, but Azure AD Connect must be set up for cross-forest sync.
