Password Writeback General Questions

Catherine Meyer 21 Reputation points
2021-03-31T00:18:22.563+00:00

So, I'm trying to understand some more intricate inner workings of PasswordResetService. Unlike the pass-through authentication feature, there is no Windows service that runs for password writeback. It is my understanding that password writeback uses a service bus relay that's specific to the tenant. Why do I not see that in my tenant, and how is this working under the hood? Is there no need for multiple "instances" like there is for pass-through authentication? Is it a WCF service, and if so, what is that doing, and how is high availability accounted for?

Microsoft Security | Microsoft Entra | Microsoft Entra ID

Accepted answer
  1. Andy David - MVP 157.5K Reputation points MVP Volunteer Moderator
    2021-03-31T12:02:05.303+00:00

    It's enabled with AADConnect:

    https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-writeback
    https://learn.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr-writeback

    If you want redundancy, you can have more than one AADConnect server, but only one server at a time can sync with the tenant; the other server is in staging mode but can easily be switched if necessary.


1 additional answer

  1. Catherine Meyer 21 Reputation points
    2021-03-31T17:05:15.413+00:00

    @Andy David - MVP thanks for the response! Just want to be clear in my understanding: the writeback service isn't actually a Windows service? It's just a WCF endpoint that is created when you choose to enable password writeback in AAD Connect?

