Office 365 – Enable password writeback

Since few months, the directory synchronization tool for Office 365 allows password synchronization – see

While this feature is greatly appreciated – as it simplify SSO deployment and configuration for example, there was still a missing feature: the end user was not able to change his password from Office 365 services.

So, with the latest version of DirSync (version 1.0.6765.6) you can enable password synchronization in two way: meaning the "classic and default” way from your on premises to Office 365 but also from Office 365 to your on premises.

The first thing is to ensure you are running DirSync in the following version 1.0.6765.6 (or later of course Smile). If not, just upgrade or install a newer version (I always recommend to uninstall the current version and then install the new one).

Check the DirSync version

to check DirSync version you are currently using, open the Windows Explorer and browse to C:\Program Files\Windows Azure Active Directory Sync then right click on ConfigWizard.exe file and check the version


Enable Password Writeback feature

When you install and configure the DirSync tool, there is no option available to enable password writeback as we have to enable password synchronization – off course this settings MUST be enabled

So to enable the writeback feature, launch the DirSyncConfigShell.psc1 file with elevated privileges (this file is located in the same folder than ConfigWizard)

From a PowerShell windows launched with elevated privileges, go to C:\Program Files\Windows Azure Active Directory Sync and launch DirSyncConfigShell which then will launch a new PowerShell window


Then run the following command Enable-OnlinePasswordWriteBack


You will be asked for your local Active Directory administrator account and then your Office 365 administrator account


Then it may take few minutes to get the feature fully enabled


Once the feature has been enabled, the command prompt shows Password reset write-back is enabled.


You can also check when the feature has been enabled, open the local Event Viewer and look for  the event ID 31005 – OnboardingEventSuccess from the source PasswordResetService


Disable the password writeback feature

If you want to disable it, just repeat the previous steps but then run the Disable-OnlinePasswordWriteBack; then the command prompt will show Password reset write-back is disabled

Leave a Comment

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.