Oh boy. Just found this :(
Azure AD Connect Cloud Sync together with Azure AD DS
Hi,
We have an on-prem domain, where we are synchronizing users with Azure AD Connect Cloud Sync with password hash sync enabled.
However, we recently created a domain in Azure (with Azure AD DS) and when these users are synchronized from Azure AD to Azure AD DS, they are not able to log on. I suspect we are not synchronizing the NTLM and Kerberos information for the users from on-prem to Azure AD and the information required to log on is therefore blank, but I cannot find any documentation regarding this, or anything telling me how to synchronize the user information that I am missing.
I know that Azure AD Connect has a workaround by running a script (ref. here), but I do not think there is an equivalent for Cloud Sync.
Any answers are greatly appreciated :)
Br
Fredrik
Andy David - MVP 157.8K Reputation points MVP Volunteer Moderator
2023-02-28T16:29:05.4766667+00:00
Andy David - MVP 157.8K Reputation points MVP Volunteer Moderator
2023-02-28T12:55:07.06+00:00
Hello, have you changed the passwords for those users? Try changing one for a test user, let it sync to Azure, then wait 20 minutes, then see if that user can log on to the AADDS domain:
https://learn.microsoft.com/en-us/azure/active-directory-domain-services/synchronization