Closed sfonteneau closed 1 year ago
I'm trying to use "Set-AADIntUserPassword" but it doesn't work, maybe I'm missing something?
Import-Module AADInternals Get-AADIntAccessTokenForAADGraph -SaveToCache AccessToken saved to cache. Tenant User Resource Client ------- ---- -------- ------ ****** admin@domain.fr https://graph.windows.net *************** Set-AADIntSyncFeatures -EnableFeatures PasswordHashSync BlockCloudObjectTakeoverThroughHardMatch : False BlockSoftMatch : False DeviceWriteback : False DirectoryExtensions : False DuplicateProxyAddressResiliency : True DuplicateUPNResiliency : False EnableSoftMatchOnUpn : False EnableUserForcePasswordChangeOnLogon : False EnforceCloudPasswordPolicyForPasswordSyncedUsers : False PassThroughAuthentication : False PasswordHashSync : True PasswordWriteBack : False SynchronizeUpnForManagedUsers : False UnifiedGroupWriteback : False UserWriteback : False Set-AADIntUser -UserPrincipalName "test@domain.fr" -ImmutableId test@domain.fr Get-AADIntUser -UserPrincipalName "test@domain.fr" | select UserPrincipalName,ImmutableId UserPrincipalName ImmutableId ----------------- ----------- test@domain.fr test@domain.fr Set-AADIntUserPassword -SourceAnchor "test@domain.fr" -hash FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF CloudAnchor ExtendedErrorInformation ----------- ------------------------ CloudAnchor The password change request cannot be executed since it contains changes to one or more cloud only user objects, which is not supported. Please refer to https://docs.microsof... Set-AADIntUserPassword -CloudAnchor "User_c4854aa3-bbbb-eeee-9999-26bedf6e8eb2" -Password "password123" CloudAnchor ExtendedErrorInformation ----------- ------------------------ User_c4854aa3-bbbb-eeee-9999-26bedf6e8eb2 The password change request cannot be executed since it contains changes to one or more cloud only user objects, which is not supported. Please ...
If the user was not created by an azure ad connect it does not work ?
I confirm that it works with an account that was created with azure ad connect.
I'm trying to use "Set-AADIntUserPassword" but it doesn't work, maybe I'm missing something?
If the user was not created by an azure ad connect it does not work ?