更改 Azure AD 连接器帐户密码Change the Azure AD Connector account password

Azure AD 连接器帐户应该是免费服务。The Azure AD Connector account is supposed to be service free. 但如果需要重置其凭据,则可以参阅本主题。If you need to reset its credentials, then this topic is for you. 例如,全局管理员错误地使用 PowerShell 对帐户重置了密码。For example, if a Global Administrator has by mistake reset the password on the account using PowerShell.

重置凭据Reset the credentials

如果 Azure AD 连接器帐户由于身份验证问题无法联系 Azure AD,则可以重置密码。If the Azure AD Connector account cannot contact Azure AD due to authentication problems, the password can be reset.

  1. 登录到 Azure AD Connect 同步服务器并启动 PowerShell。Sign in to the Azure AD Connect sync server and start PowerShell.
  2. 运行 Add-ADSyncAADServiceAccountRun Add-ADSyncAADServiceAccount.
    PowerShell cmdlet addadsyncaadserviceaccountPowerShell cmdlet addadsyncaadserviceaccount
  3. 提供 Azure AD 全局管理员凭据。Provide Azure AD Global admin credentials.

此 cmdlet 重置服务帐户的密码,并在 Azure AD 和同步引擎中更新该密码。This cmdlet resets the password for the service account and update it both in Azure AD and in the sync engine.

这些步骤可以解决的已知问题Known issues these steps can solve

本部分列出了客户报告的可以通过重置 Azure AD 连接器帐户凭据解决的错误。This section is a list of errors reported by customers that were fixed by a credentials reset on the Azure AD Connector account.


事件 6900Event 6900
服务器在处理密码更改通知时遇到意外的错误:The server encountered an unexpected error while processing a password change notification:
AADSTS70002:验证凭据时出错。AADSTS70002: Error validating credentials. AADSTS50054:使用了旧密码进行身份验证。AADSTS50054: Old password is used for authentication.


事件 659Event 659
检索密码策略同步配置时出错。Error while retrieving password policy sync configuration. Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException:Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException:
AADSTS70002:验证凭据时出错。AADSTS70002: Error validating credentials. AADSTS50054:使用了旧密码进行身份验证。AADSTS50054: Old password is used for authentication.

后续步骤Next steps

概述主题Overview topics