This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 64%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGI%3C/text%3E%3C/svg%3E)
Hi all,
I have a Entra connect AD setup. In this setup, Azure is only a backup server, where it synchronizes the objects from on-prem AD to Azure AD at a regular frequency.
Whenever I change my password, subject username was "ANONYMOUS LOGON". But recently I noticed MSOL_xxxx account in subject username.
Up to my knowledge, even though this MSOL account has high privileges, it was configured to sync objects alone.
I would be much obliged if anyone explain why this happened?
Thanks in advance.
Not sure what you mean by "Azure is only a backup server"
But where are you changing this password , what event logs are you seeing this is and do you have SSPR enabled?
https://learn.microsoft.com/en-us/entra/identity/authentication/tutorial-enable-sspr
Hi Andy,
Thanks for the reply.
Yes, I checked the docs and understood that Azure isn't a backup server here, instead Entra connect.
And I learned that when I change my password with the help of on-prem AD, subject user is ANONYMOUS LOGON. And when I change my password with the help of Azure AD, subject user is "MSOL_xxx" (SSPR with password write back).
So, SSPR and password write back is enabled.
Could you confirm whether this is the correct?