Question about password syncing from on-prem AD to Azure Entra ID

Cloud_Geek_82 831 Reputation points
2024-06-01T07:35:06.1266667+00:00

Hi All,

There is an on-prem AD DS that is synced to Azure Entra ID.

If a user's password is reset with "User must change password at next logon" checkbox enabled a temporary password is not synced.

Is that by design?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,168 questions
0 comments No comments
{count} votes

Accepted answer
  1. akinbade abiola 5,870 Reputation points
    2024-06-01T10:18:45.2166667+00:00

    Hello Cloud_Geek_82,

    Thanks for your question.

    Yes, it is by design. By default temporary passwords are not synchronized.

    To support temporary passwords in Microsoft Entra ID for synchronized users, you can enable the ForcePasswordChangeOnLogOn feature. See:

    https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-password-hash-synchronization#synchronizing-temporary-passwords-and-force-password-change-on-next-logon

    Please let me know if you have further questions**

    You can mark it 'Accept Answer' if this helped.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful