Here is a PowerShell script: https://gallery.technet.microsoft.com/office/AD-Advanced-Permissions-49723f74 that you can use to configure required permissions for the following features:
- Device WriteBack
- Exchange Hybrid WriteBack
- Office 365 Group WriteBack
- Password Hash Sync (Replicating Directory Changes / Replicating Directory Changes All)
- Password WriteBack
- ms-DS-ConsistencyGuid permission
- adminSDHolder
Please do not forget to "Accept the answer" wherever the information provided helps you. This will help others in the community as well.