Inexplicably, sometimes clients that I have setup with a hybrid deployment that syncs local Active Directory accounts with online Office365 Exchange (which is awesomely free for non-profits)…stops syncing.

I’ve had to do this a few times when resetting the password on the local AD server doesn’t update the password on Office365.

First check your Application log. It should be recording evend IDs 656 and 657 from source “Directory Synchronization” whenever you change a password and force a sync. if it doesn’t, do this:

  1. Open the registry editor (regedit) and navigate to
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSOLCoExistence\PasswordSync\
  2. Right-click the “FullSyncRequired” key and change the value to “1”
  3. Restart the “Forefront Identity manager Synchronization Service” from the services applet (services.msc)

That has gotten the plumbing unstuck for me a few times. Synchronization works afterwards, on schedule.

(unless it breaks again)