Note

Access to this page requires authorization. You can try signing in or .

Access to this page requires authorization. You can try .

Get-EntraDirSyncFeature

Checks the status of directory synchronization features for a tenant.

Syntax

Default (Default) 

Get-EntraDirSyncFeature

 [-TenantId <String>]
 [-Feature <String>]
 [<CommonParameters>]

Description

The Get-EntraDirSyncFeature cmdlet checks the status of directory sync features for a tenant. If no features are specified, it returns a list of all features and their enabled or disabled status.

For delegated scenarios, the user needs to be assigned the Global Administrator role.

Some of the features that can be used with this cmdlet include:

  • DeviceWriteback
  • DirectoryExtensions
  • DuplicateProxyAddressResiliency
  • DuplicateUPNResiliency
  • EnableSoftMatchOnUpn
  • PasswordSync
  • SynchronizeUpnForManagedUsers
  • UnifiedGroupWriteback
  • UserWriteback

To view all supported features, see the complete feature list.

Examples

Example 1: Return a list of all directory synchronization features

Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All'
Get-EntraDirSyncFeature

Enabled DirSyncFeature
------- --------------
 False BlockCloudObjectTakeoverThroughHardMatch
 False BlockSoftMatch
 False BypassDirSyncOverrides
 False CloudPasswordPolicyForPasswordSyncedUsers
 False ConcurrentCredentialUpdate
 True ConcurrentOrgIdProvisioning
 False DeviceWriteback
 False DirectoryExtensions
 False FopeConflictResolution
 False GroupWriteBack
 False PasswordSync
 False PasswordWriteback
 True QuarantineUponProxyAddressesConflict
 True QuarantineUponUpnConflict
 True SoftMatchOnUpn
 True SynchronizeUpnForManagedUsers
 False UnifiedGroupWriteback
 False UserForcePasswordChangeOnLogon
 False UserWriteback

This example gets a list of all directory synchronization features and shows if they are enabled (True) or disabled (False).

Example 2: Return the PasswordSync feature status

Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All'
Get-EntraDirSyncFeature -Feature 'PasswordSync'

Enabled DirSyncFeature
------- --------------
 False PasswordSync

This example shows if PasswordSync is enabled (True) or disabled (False) for the tenant.

  • -Feature specifies the directory synchronization feature to check the status of.

Parameters

-Feature

The directory sync feature to check. See the complete feature list.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

-TenantId

The unique ID of the tenant on which to perform the operation. This parameter provides compatibility with Azure AD and MSOnline for partner scenarios. TenantID is the signed-in user's tenant ID.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Related Links

Feedback

Was this page helpful?