Question about password syncing from on-prem AD to Azure Entra ID

Cloud_Geek_82 896 Reputation points
2024-06-01T07:35:06.1266667+00:00

Hi All,

There is an on-prem AD DS that is synced to Azure Entra ID.

If a user's password is reset with the "User must change password at next logon" checkbox enabled, a temporary password is not synced.

Is that by design?

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

Accepted answer
  1. Abiola Akinbade 27,530 Reputation points Moderator
    2024-06-01T10:18:45.2166667+00:00

    Hello Cloud_Geek_82,

    Thanks for your question.

    Yes, it is by design. By default, temporary passwords are not synchronized.

    To support temporary passwords in Microsoft Entra ID for synchronized users, you can enable the ForcePasswordChangeOnLogOn feature. See:

    https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-password-hash-synchronization#synchronizing-temporary-passwords-and-force-password-change-on-next-logon

    Please let me know if you have further questions.

    You can mark it 'Accept Answer' if this helped.

    1 person found this answer helpful.
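
The following is an added example, not part of the answer above: one way to check and enable the ForcePasswordChangeOnLogOn feature the answer names, using the ADSync cmdlets from the linked Microsoft documentation. It assumes an elevated PowerShell session on the Microsoft Entra Connect server with the ActiveDirectory RSAT module installed.

```powershell
# Added example. Run elevated on the Microsoft Entra Connect (sync) server.
Import-Module ADSync

# Read the tenant-level sync features. With ForcePasswordChangeOnLogOn at False,
# a password reset with "User must change password at next logon" is not synced.
$features = Get-ADSyncAADCompanyFeature
"ForcePasswordChangeOnLogOn before: $($features.ForcePasswordChangeOnLogOn)"

# Enable the feature only if it is not already on.
if (-not $features.ForcePasswordChangeOnLogOn) {
    Set-ADSyncAADCompanyFeature -ForcePasswordChangeOnLogOn $true
}

# Re-read to confirm the setting took effect.
"ForcePasswordChangeOnLogOn after:  $((Get-ADSyncAADCompanyFeature).ForcePasswordChangeOnLogOn)"

# Per the linked documentation, the force-change flag is only carried along
# with a detected password change, and it is not applied to accounts that have
# "Password never expires" set. List accounts that combine pwdLastSet=0
# (must change at next logon) with DONT_EXPIRE_PASSWORD (0x10000 = 65536),
# since those users will not be prompted in Entra ID.
Import-Module ActiveDirectory
$ldapFilter = '(&(objectCategory=person)(objectClass=user)(pwdLastSet=0)' +
              '(userAccountControl:1.2.840.113556.1.4.803:=65536))'
Get-ADUser -LDAPFilter $ldapFilter |
    Select-Object SamAccountName, DistinguishedName
```

The linked documentation recommends using this feature only when self-service password reset and password writeback are enabled, so that a password changed in the cloud is written back to AD DS.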
