Get the Password Hash Sync setting for Entra Cloud Sync using Microsoft Graph and PowerShell

I've recently blogged about how to Get the "Password Hash Sync" setting for Entra Cloud Sync using Microsoft Graph and PowerShell as part of a bigger blog "Get the Cloud Sync configuration for an Entra directory using PowerShell and Microsoft Graph"

The Password Hash Sync setting isn't a boolean value but actually an attribute mapping within the "user" object mapping.

# Determines whether password hash sync is enabled for the job. This only applies to "User and group sync" jobs.

function Get-IsPasswordHashSyncEnabled {

    param (

        $Job

    )

    $schema = Get-MgServicePrincipalSynchronizationJobSchema -ServicePrincipalId $configuration.Id -SynchronizationJobId $Job.Id;

    foreach ($objectMapping in $schema.SynchronizationRules[0].ObjectMappings)

    {

        if ($objectMapping.SourceObjectName -eq "user")

        {

            foreach ($attributeMapping in $objectMapping.AttributeMappings)

            {

                if ($attributeMapping.TargetAttributeName -eq "CredentialData")

                {

                    return $true;

                }

            }

        }

    }

    return $false;

}

Comments

Post a Comment

Popular posts from this blog

SOLVED: Exchange Online Management PowerShell Connect-ExchangeOnline bug "A window handle must be configured. See https://aka.ms/msal-net-wam#parent-window-handles"

Image
This post has been updated here: https://www.centrel-solutions.com/blog/exchange-online-powershell-window-handle-error While you're here why not check out our  Exchange audit and documentation tool ? If you're using the Exchange Online Management PowerShell cmdlets you may notice that the following error: A window handle must be configured. See https://aka.ms/msal-net-wam#parent-window-handles This error appears in version 3.7.0 (and persists in version 3.7.1) when the following change was made. Integrated WAM (Web Account Manager) in Authentication flows to enhance security. You notice that this error occurs in PowerShell ISE but not in a PowerShell, the issue also appears in any Windows based applications - for example a WinForms application that tries to execute Connect-ExchangeOnline PowerShell ISE A .NET console application does work correctly. .NET console application While you're here why not check out our  Exchange audit and documentation tool ? The error occurs be...
Read more

Windows Server 2016, 2019, 2022, Windows 10 and Windows 11: Date and time "Some settings are managed by your organization".

Image
When you're using the new "Modern" date and time settings in Windows Server 2016, 2019, 2022, Windows 10 and Windows 11 you may find that you can't set the correct date and time and the value "Some settings are managed by your organization". - While you're here - Why not check out our Windows Server Documentation and Audit Tool? The simplest way around this is to go back to the proper control panel using Start, Run, "Control.exe" and searching for "Set the date".  Within here you can set the date and time manually as required If you try and click the Change time zone button you may again get access denied... To resolve this open an elevated command prompt by right clicking the command prompt and selecting Run as Administrator  From there run the command rundll32.exe shell32.dll,Control_RunDLL timedate.cpl This will open the Data and Time control panel app elevated as an Administrator.
Read more

get-windowsfeature : The given key was not present in the dictionary

Image
When you run the get-windowsfeature cmdlet in PowerShell on Windows Server 2012 you may see the following error get-windowsfeature : The given key was not present in the dictionary. At line:1 char:1 + get-windowsfeature + ~~~~~~~~~~~~~~~~~~     + CategoryInfo          : NotSpecified: (:) [Get-WindowsFeature], KeyNotFoundException     + FullyQualifiedErrorId : System.Collections.Generic.KeyNotFoundException,Microsoft.Windows.ServerManager.Commands    .GetWindowsFeatureCommand This seems to occur if there is a problem in the following registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManager\ServicingStorage\ServerComponentCache As this is just a cache registry key you can try renaming the key to ServerComponentCache.old and then re-running the PowerShell command or refreshing the view in server manager. This recreates the key and rebuilds the server feature information. - While yo...
Read more