Set-EntraDirSyncEnabled
Turns directory synchronization on or off for a company.
Syntax
Set-EntraDirSyncEnabled
-EnableDirSync <Boolean>
[-Force]
[-TenantId <String>]
[<CommonParameters>] Description
The Set-EntraDirSyncEnabled cmdlet turns directory synchronization on or off for a company.
A new service principal appears in your tenant when you enable or reenable DirSync. It has the appId 6bf85cfa-ac8a-4be5-b5de-425a0d0dc016 and the display name Microsoft Entra AD Synchronization Service.
Deactivating DirSync may take up to 72 hours, depending on the number of objects in your cloud subscription. Once disabled, the process cannot be canceled and must complete before you can take further action, including re-enabling DirSync.
If you re-enable DirSync, a full synchronization will occur, which may take significant time based on the number of objects in Microsoft Entra ID.
Additionally, if BlockCloudObjectTakeoverThroughHardMatch is enabled, re-enabling DirSync will block On-Prem to cloud object takeover/updates for all Microsoft Entra ID-mastered objects. To allow syncing of these objects, set BlockCloudObjectTakeoverThroughHardMatch to false.
Examples
Example 1: Turn on directory synchronization
Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All', 'Organization.ReadWrite.All'
Set-EntraDirSyncEnabled -EnableDirsync $true -Force $trueThis example turns on directory synchronization for a company.
-EnableDirsyncSpecifies whether to turn on directory synchronization on for your company.-ForceForces the command to run without asking for user confirmation.
Example 2: Turn off directory synchronization
Connect-Entra -Scopes 'OnPremDirectorySynchronization.ReadWrite.All', 'Organization.ReadWrite.All'
$tenantID = (Get-EntraContext).TenantId
Set-EntraDirSyncEnabled -EnableDirsync $false -TenantId $tenantID -Force $trueThis example turns off directory synchronization for a company.
-EnableDirsyncSpecifies whether to turn on directory synchronization on for your company.-ForceForces the command to run without asking for user confirmation.-TenantIdSpecifies the unique ID of the tenant on which to perform the operation.
Parameters
-EnableDirsync
Specifies whether to turn on directory synchronization on for your company.
| Type: | System.Boolean |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Force
Forces the command to run without asking for user confirmation.
| Type: | System.Management.Automation.SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TenantId
Specifies the unique ID of the tenant on which to perform the operation. The default value is the tenant of the current user. This parameter applies only to partner users.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |