Skip to content
/ AzureADConnect-MSOL-Sync Public

Hacky way to get access to the MSOL-account and Sync-account used by Azure AD Connect to sync changes between on premise AD and Azure AD.

License

MIT license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sverrevh/AzureADConnect-MSOL-Sync

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
azuread_decrypt_Sync.ps1
azuread_decrypt_Sync.ps1
 
 
azuread_decrypt_msol_v2.ps1
azuread_decrypt_msol_v2.ps1
 
 
decrypt.ps1
decrypt.ps1
 
 

Repository files navigation

AzureADConnect MSOL/Sync-account credentials decrypt

Hacky way to get access to the MSOL-account and Sync-account used by Azure AD Connect to sync changes between on premise AD and Azure AD. For more information about the accounts used see: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-accounts-permissions

This tool builds on https://gist.github.com/xpn/f12b145dba16c2eebdd1c6829267b90c but is also able to extract the Sync account password by writing to disk to bypass the 8000 chars limit for xp_cmd_shell used to execute commands as the ADSync user.

These powershell scripts need to run on the system that has Azure AD Connect installed. This is most of the times a Domain Controller.

About

Hacky way to get access to the MSOL-account and Sync-account used by Azure AD Connect to sync changes between on premise AD and Azure AD.

Topics

azuread msol azureadconnector azureadconnect

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

2 forks
Report repository

Languages