Edit

Share via

Get-EntraDirSyncFeature

  • Reference
Module:
Microsoft.Graph.Entra

Checks the status of directory synchronization features for a tenant.

Syntax

Get-EntraDirSyncFeature
   [-TenantId <String>]
   [-Feature <String>]
   [<CommonParameters>]

Description

The Get-EntraDirSyncFeature cmdlet checks the status of directory sync features for a tenant. If no features are specified, it returns a list of all features and their enabled or disabled status.

For delegated scenarios, the user needs to be assigned the Global Administrator role.

Some of the features that can be used with this cmdlet include:

  • DeviceWriteback
  • DirectoryExtensions
  • DuplicateProxyAddressResiliency
  • DuplicateUPNResiliency
  • EnableSoftMatchOnUpn
  • PasswordSync
  • SynchronizeUpnForManagedUsers
  • UnifiedGroupWriteback
  • UserWriteback

To view all supported features, see the complete feature list.

Examples

Example 1: Return a list of all directory synchronization features

Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All'
Get-EntraDirSyncFeature

Enabled DirSyncFeature
------- --------------
  False BlockCloudObjectTakeoverThroughHardMatch
  False BlockSoftMatch
  False BypassDirSyncOverrides
  False CloudPasswordPolicyForPasswordSyncedUsers
  False ConcurrentCredentialUpdate
   True ConcurrentOrgIdProvisioning
  False DeviceWriteback
  False DirectoryExtensions
  False FopeConflictResolution
  False GroupWriteBack
  False PasswordSync
  False PasswordWriteback
   True QuarantineUponProxyAddressesConflict
   True QuarantineUponUpnConflict
   True SoftMatchOnUpn
   True SynchronizeUpnForManagedUsers
  False UnifiedGroupWriteback
  False UserForcePasswordChangeOnLogon
  False UserWriteback

This example gets a list of all directory synchronization features and shows if they are enabled (True) or disabled (False).

Example 2: Return the PasswordSync feature status

Connect-Entra -Scopes 'OnPremDirectorySynchronization.Read.All'
Get-EntraDirSyncFeature -Feature 'PasswordSync'

Enabled DirSyncFeature
------- --------------
  False PasswordSync

This example shows if PasswordSync is enabled (True) or disabled (False) for the tenant.

  • -Feature specifies the directory synchronization feature to check the status of.

Parameters

-Feature

The directory sync feature to check. See the complete feature list.

Type:System.String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-TenantId

The unique ID of the tenant on which to perform the operation. If not provided, the operation defaults to the tenant of the current user. This parameter is applicable only to partner users.

Type:System.String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False