I wanted to update the OUs synced from some of my connectors in Azure AD. It’s easy to do it via the GUI but there was nothing online on how to do it via PowerShell.
I asked ChatGPT and it hallucinated the hell out by making new cmdlets. :)
Or:
Or:
Or:
Amazing, the confidence with which is can make up non existent cmdlets. 😃
Anyways, inspired by this blog post I went around exploring every cmdlet in the module to see which one might do the trick. And finally stumbled upon this:
|
1 2 3 4 5 6 7 8 9 10 11 |
# Pause syncing if it is running, else everything that follows gives the impression it works but doesn't actually do anything if ((Get-ADSyncScheduler).SyncCycleInProgress) { Stop-ADSyncSyncCycle } # Get the existing connectors $connectors = Get-ADSyncConnector # To add an OU in the inclusion list of one of the connectors $connectors[4].Partitions.ConnectorPartitionScope.ContainerExclusionList.Add("OU=XXX,DC=XXX,DC=com") Add-ADSyncConnector -Connector $connectors[4] |
Then do a full sync so the OU is imported.
|
1 2 |
Set-ADSyncSchedulerConnectorOverride -Connector $connectors[4].Identifier -FullSyncRequired $true Start-ADSyncSyncCycle -PolicyType Delta |
And to remove:
|
1 2 |
$connectors[4].Partitions.ConnectorPartitionScope.ContainerExclusionList.Remove("OU=XXX,DC=XXX,DC=cohenlaw,DC=com") Add-ADSyncConnector -Connector $connectors[4] |
Didn’t realize the Add-ADSyncConnector can both add or update. While Googling more on that cmdlet I also came across this blog post – linking it here in case it’s of use to me later.