Can not change password on VPN

Stephen Weber 346 Reputation points
2023-04-04T15:20:53.77+00:00

We have deployed Azure VPN to our remote workstations, however, we have observed that when a user changes their password, the updated password fails to propagate to both Azure and the local on-premises system. We would appreciate any guidance on how to provide end-users with the necessary permissions to resolve this issue. Please note that we have enabled password writeback.

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,405 questions
0 comments No comments
{count} votes

Accepted answer
  1. Sedat SALMAN 13,180 Reputation points
    2023-04-04T15:28:28.7133333+00:00
    • Since you've already enabled password writeback, make sure that the necessary permissions are in place for the Azure AD Connect service account. The account should have the 'Reset Password' and 'Change Password' permissions on your on-premises Active Directory.
    • By default, Azure AD Connect synchronizes data between your on-premises Active Directory and Azure AD every 30 minutes. If the password change isn't propagating immediately, you can either wait for the next synchronization cycle or manually force synchronization using PowerShell:
       Import-Module ADSync 
       Start-ADSyncSyncCycle -PolicyType Delta
    
    • Ensure that your Azure AD Connect is properly configured to synchronize passwords. To do this, open the Azure AD Connect configuration wizard and verify that 'Password Synchronization' is enabled under 'Optional features'. If it is not enabled, enable it and run a full synchronization to update the changes.

    Note: You can also check the synchronization errors in the Azure portal (Azure Active Directory > Health > Sync errors). This information might help you identify any issues or misconfigurations.


0 additional answers

Sort by: Most helpful