Target Audience
Customers who synchronize users and passwords from Windows Server Active Directory to Access Control
Purpose
This procedure uses a script provided by our company to verify that the Active Directory password for users has been reset and that the UnixUserPassword attribute contains a value.
Notes
- This article is based on the product content as of December 2025 and may be changed without notice due to future updates.
- Access Control achieves password synchronization by acquiring the hashed password stored in the UnixUserPassword attribute.
If the UnixUserPassword attribute does not contain a value, password synchronization cannot be performed, and users will not be able to log in to Access Control. - This procedure must be executed by a user with Domain Admins or Enterprise Admins privileges in the relevant domain.
- If you have not performed the task [Access Control] Running Assign-HDEOnePasswrdSyncGroup.bat, please follow the steps described in the [How to verify sync user and password settings.pdf] received together with the config.ini file from the HENNGE implementation support representative.
Procedure
1. Log in to the device where the HENNGE Directory Sync Tool is installed.
2. Launch PowerShell as an administrator and run the following commands.
cd <path to [HDEOne] folder>.\Check-SyncUser.ps1
Example:
cd C:\HDEOne.\Check-SyncUser.ps1
3. Check the execution results and confirm that the passwords for synchronized users have been changed.
================ unixUserPassword set ================ [sAMAccountName],[UserPrincipalName],[mail] ttsstt,,aaa@bbb.com ← List of users whose Active Directory passwords have been changed ================ unixUserPassword unset ================ [sAMAccountName],[UserPrincipalName],[mail] test,test@sample.jp ← List of users whose Active Directory passwords have not been changed unixUserPassword set user: 1 ← Number of users with changed Active Directory passwords unixUserPassword unset user: 1 ← Number of users with unchanged Active Directory passwords