Enforce on-premises Azure AD Password Protection for Active Directory Domain Services

Joseph Patrick 641 Reputation points
2021-02-26T14:05:49.477+00:00

Does this setup/ feature require Azure to be able to write back to on-prem or can it work with a one way sync?

The Microsoft documentation is not clear on that aspect.

Azure AD Password Protection detects and blocks known weak passwords and their variants, and can also block additional weak terms that are specific to your organization.

https://techcommunity.microsoft.com/t5/azure-active-directory-identity/azure-ad-password-protection-and-smart-lockout-are-now-in-public/ba-p/245423

https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad-on-premises

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,122 questions
0 comments No comments
{count} votes

Accepted answer
  1. Abhijeet-MSFT 546 Reputation points Microsoft Employee
    2021-03-01T08:23:02.48+00:00

    Hi @Joseph Patrick , Azure AD password protection for active directory is for password changes in onprem AD and it does not require password writeback. However th e agent needs to talk to Azure to update the policies configured in Azure.

    0 comments No comments

0 additional answers

Sort by: Most helpful