25,157 questions
It can take 2 minutes or so:
https://learn.microsoft.com/en-us/entra/identity/authentication/tutorial-enable-sspr#faqs
Entra Connect Directory Synchronization timing
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 52%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBK%3C/text%3E%3C/svg%3E)
Billy Kunstek
20
Reputation points
Our SSPR process has been taking upwards of 7 minutes to update password via the Entra Connect password writeback feature and users were unable to log into their Intune cloud only machines until the password writeback was finished. We identified that we were running an outdated version of Entra Connect and updated to the lastest via a Swing Migration.
Once this migration was completed we appear to still be seeing delays for longer then a minute at times and other times it can be instant for the end user.
Below example:
User initiated SSPR at 5:07:11 PM , on premises domain controller received and updated the password by 5:07:20 PM CST. The user was unable to have a successful log in with Entra until 5:09:05 PM CST for a total login failure delay of 114 seconds.
When looking at the Entra Connect logs and the on premises domain controller the password change was seemingly instant but the Directory Synchronization events didn't report back till the 114 second mark. Is this an event delay from on prem to the Entra Connect server we would need to look into?
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Accepted answer
-
Andy David - MVP 157.8K Reputation points MVP Volunteer Moderator2024-12-18T19:09:57.65+00:00 -
Billy Kunstek 20 Reputation points
2024-12-18T20:24:50.7933333+00:00 Thank you, I didn't see the note there originally.
Sign in to comment -