Azure AD Connect – force Password sync

Ever wanted to force a password sync with Azure AD Connect ?

Look for event 656/650/657 in the application log after you run the commands.


Import-Module adsync

$aadcon = Get-ADSyncConnector | Where {$_.Type -eq “Extensible2”}

$adcon = Get-ADSyncConnector | Where {$_.Type -eq “AD”}

$c = Get-ADSyncConnector -Name $adcon.Name

$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter “Microsoft.Synchronize.ForceFullPasswordSync”, String, ConnectorGlobal, $null, $null, $null

$p.Value = 1



$c = Add-ADSyncConnector -Connector $c

Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adcon.Name -TargetConnector $aadcon.Name -Enable $false

Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adcon.Name -TargetConnector $aadcon.Name -Enable $true

Change Certificates on ADFS

ADFS 3.0

SSL Certificate

# To see old certificate

Update to the new SSL certifcate make, make sure that you have installed the certificate in the certificate store on all servers in your adfs farm.
Set-AdfsSslCertificate -Thumbprint “?7b1b914c53adbc2c35a983f2122cd72c84172532”

Web application proxy SSL certificate

Use the following command to update your SSL certificate on your ADFS frontend.

Set-WebApplicationProxySslCertificate -Thumbprint 7b1b914c53adbc2c35a983f2122cd72c84172532


Howto download microsoft sql server express

Why should it be so difficult find the right link to download Microsoft SQL server express, here is the direct link to download from Microsoft download.

SQL express server 2014 inclusive management tool
SQL Server 2014 Express x64
SQL Server 2014 Express x86

Only SQL Server 2014 Management Studio
SQL Server 2014 Management Studio x64
SQL Server 2014 Management Studio x86



Verifying that a Private Key Matches a Certificate

To check that the public key in your certificates matches the public part of your private key, you need to view the cert and the key and compare the numbers. To view the Certificate and the key run the commands:

Public key
openssl x509 -noout -modulus -in public.pem | openssl md5
Private key
openssl rsa -noout -modulus -in private.key | openssl md5

If you want to verify witch certificate or key a CSR belong to you can run the following command.

openssl req -noout -modulus -in certificatesigningrequest.csr | openssl md5



Remove license from old office 365 subscription and re-add new license

1. Open an administrative command prompt

2. Go to your office path
Default x86 path = C:\Program Files (x86)\Microsoft Office\Office15
Default x64 path = C:\Program Files\Microsoft Office\Office15

3. Run this command to show your current license
cscript ospp.vbs /dstatus


4. To remove the license run the following command
cscript ospp.vbs /unpkey:

5. Close the command prompt and all running programs and Restart your computer

6. When the computer is restarted open one of the office 2013 programs and it will prompt you to log in.

AD: Delete thumbnailphoto attribute via VB script

function deletethumb(strUserName)
Set objSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & strUserName)
objUser.PutEx ADS_PROPERTY_CLEAR, "thumbnailPhoto", 0
Wscript.Echo "Deleted picture on " &strUserName 
end function
On Error Resume Next
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 2000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
objCommand.CommandText = _
    "SELECT distinguishedName FROM 'LDAP://DC=contoso,DC=dk' WHERE objectCategory='user'"  
Set objRecordSet = objCommand.Execute
Do Until objRecordSet.EOF

Backup scheduled task via powershell

$outfile_temp = "C:\Jobs\backupscheduledtask\archive\";
Function backupscheduledtask($server, $folder)
$sch = New-Object -ComObject("Schedule.Service")
$tasks = $sch.GetFolder("\$folder").GetTasks(0)
if(!(Test-Path $outfile_temp$server)){new-item -path $outfile_temp$server -ItemType container}
if(!(Test-Path $outfile_temp$server\$folder)){new-item -path $outfile_temp$server\$folder -ItemType container}
$tasks | %{
$xml = $_.Xml
$task_name = $_.Name
$xml | Out-File $outfile_temp\$server\$folder$task_name.xml
backupscheduledtask server1 folder
backupscheduledtask server2 automation\folder2