Migrate users from Identity Server3 to AAD

Maksim Sialitski 1 Reputation point

We would like to change our authentication and authorization system from IdentityServer3 to Azure AD.
We have PaaS SQL server UserManagement database with user information.
The password is stored in a one-way encrypted format, such as with a hash function.
The password is stored by the IS3 in a way that we can't access. For example, when the identity provider validates credentials by calling a web service.
We have completed the pre-migration steps by exporting users to CSV and creating them in AAD with default passwords using this:

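```powershell
Connect-AzureAD
$users = Import-Csv C:\temp\Admin.csv
$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
# Single quotes keep the value literal; in a double-quoted string PowerShell expands $$
$PasswordProfile.Password = 'P@$$w0rd'
foreach ($usr in $users) {
    # Create one AAD user per CSV row, all with the same default password
    New-AzureADUser -DisplayName $usr.name -PasswordProfile $PasswordProfile -UserPrincipalName $usr.upn -AccountEnabled $true -MailNickName $usr.email
}
```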

Question: Is it possible to do some kind of one-way password hash sync to AAD to provide seamless login for end users via AAD?

Microsoft Entra ID

1 answer

  1. Cristian SPIRIDON 4,471 Reputation points


    You can't reuse the password hash. That is the purpose of the password hash - to not be able to retrieve the password other than by knowing it. If the hash function is different, then you can't reuse the hash.

    Hope this helps!

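Since the existing hashes cannot be carried over, every migrated account needs a new credential. The following is an added example, not part of the original question or answer: a variant of the bulk-creation script that gives each user a unique random temporary password and forces a change at first sign-in, instead of one shared default. It assumes the AzureAD module and the CSV columns from the question; `New-TempPassword` and the output file path are hypothetical.

```powershell
# Added example (not the asker's script). Assumes the AzureAD module and the
# CSV columns used in the question: name, upn, email.
$ErrorActionPreference = 'Stop'   # stop on the first failed creation

function New-TempPassword {       # hypothetical helper
    param([int]$Length = 20)
    # Look-alike characters (0/O, 1/l/I) are left out to reduce typing errors.
    $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789!#%+-_'
    $rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $bytes = New-Object byte[] 4
    try {
        do {
            $chars = for ($i = 0; $i -lt $Length; $i++) {
                $rng.GetBytes($bytes)   # CSPRNG rather than Get-Random
                # 32-bit draw: modulo bias over this small alphabet is negligible
                $alphabet[[int]([BitConverter]::ToUInt32($bytes, 0) % $alphabet.Length)]
            }
            $candidate = -join $chars
            # Retry until upper case, lower case and a digit are all present
        } until ($candidate -cmatch '[A-Z]' -and $candidate -cmatch '[a-z]' -and $candidate -cmatch '\d')
        return $candidate
    }
    finally { $rng.Dispose() }
}

Connect-AzureAD
$users = Import-Csv C:\temp\Admin.csv

$issued = foreach ($usr in $users) {
    $pp = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
    $pp.Password = New-TempPassword              # unique per account
    $pp.ForceChangePasswordNextLogin = $true     # temporary password must be replaced
    New-AzureADUser -DisplayName $usr.name -PasswordProfile $pp `
        -UserPrincipalName $usr.upn -AccountEnabled $true `
        -MailNickName $usr.email | Out-Null
    [pscustomobject]@{ Upn = $usr.upn; TempPassword = $pp.Password }
}

# Hypothetical hand-off file: keep it on an access-controlled path, deliver each
# password out of band, then delete the file.
$issued | Export-Csv C:\temp\issued-temp-passwords.csv -NoTypeInformation
```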