Entra ID domain services Fine grained password policy not applying to Entra ID users

Kastytis Balciunas 26 Reputation points
2024-11-01T17:41:40.94+00:00

Setup:

I've set up Entra ID domain services in our cloud only environment, created a VM and domain joined it to the domain services then synced few users from Entra ID then using those user credential i'm able to log in to the domain join VM and use administrative tools to change setting add users and so on.

I've create a fine grained password policy with precedents lower then default policy and apply it to domain users group and directly to the user.

Issue:

When i go to Entra ID cloud and reset users passwords, they go create a new password but the FGPP setting are not applying.

Question:

How do i configure password policy in Entra ID domain services to apply to Entra ID cloud only users that are synced to domain services?

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments No comments
{count} votes

Accepted answer
  1. Givary-MSFT 35,626 Reputation points Microsoft Employee Moderator
    2024-11-04T09:47:17.3233333+00:00

    @Kastytis Balciunas Thank you for reaching out to us, As I understand you are trying to configure password policy in Entra ID domain services to apply to Entra ID cloud only users that are synced to domain services.

    As far I understand and as per this doc - https://learn.microsoft.com/en-us/entra/identity/domain-services/password-policy A default fine grained password policy is created within Entra ID Domain Services and applied to all users in a Domain Services managed domain, not for the users synced from Entra ID to Entra Domain Services.

    If in case you want to have better password protection for the cloud users, refer to this - https://learn.microsoft.com/en-us/entra/identity/authentication/concept-password-ban-bad

    Let me know if you have any further questions, feel free to post back.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.