Target
Customers who perform user and password synchronization from Windows Server Active Directory to Access Control
Purpose
To verify that the user's Active Directory password has been reset and that the UnixUserPassword attribute contains a value, using the script provided by our company.
Notes
- This article is based on the product content as of December 2025 and may be changed without notice due to future updates.
- In Access Control, password synchronization is achieved by obtaining the hashed password entered in the UnixUserPassword attribute.
If the UnixUserPassword attribute does not contain a value, password synchronization cannot be performed, and users cannot log in to Access Control. - This procedure must be executed by a user with Domain Admins or Enterprise Admins role in the relevant domain.
Procedure
1. Log in to the device where the HENNGE Directory Sync Tool is installed.
2. Launch PowerShell as an administrator and execute the following commands.
> cd <path to [HDEOne] folder> > .\Check-SyncUser.ps1
Example:
> cd C:\work\HDEOne > .\Check-SyncUser.ps1
3. Check the execution results and confirm that the password of the synced target users has been changed.
================ unixUserPassword set ================ [sAMAccountName],[UserPrincipalName],[mail] ttsstt,,aaa@bbb.com ← List of users whose Active Directory password has been changed ================ unixUserPassword unset ================ [sAMAccountName],[UserPrincipalName],[mail] test,test@sample.jp ← List of users whose Active Directory password has not been changed unixUserPassword set user: 1 ← Number of users whose Active Directory password has been changed unixUserPassword unset user: 1 ← Number of users whose Active Directory password has not been changed