This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
We have three sets of password expiration policies (60 days, 180 days and no expiration) in on-prem AD. When we sync to the Azure Ad, can we get the same password expiration policy in Azure AD? Thanks.
If you are syncing your password hashes then the synced accounts will use the on-premises Active Directory password policies. This does not carry over the password expiry policy as the Azure AD account passwords are set to never expire here however if you are forcing users to change passwords on-premises after xx days then this will update their Azure AD password once the password is changed anyway.
In Azure AD, password expiration policies are configured per-domain, as detailed here: https://learn.microsoft.com/en-us/microsoft-365/admin/manage/set-password-expiration-policy?view=o365-worldwide
If you want more granular control, consider using authentication methods such as password-hash sync or pass-trough authentication, which will respect your on-premises policies.