Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Anthony Minardi

My feedback

  1. 272 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    38 comments  ·  Azure Active Directory » Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Anthony Minardi commented  · 

    Hello
    Before I get into it. I want to agree with Ann. the Switch from Password Hash to Pass Thru will get it done, But it will put a strain on your On Prem AD and if the AD goes down no one will be able to Authenticate or Log in. You will need the Service running in a High Available Setup. Just wanted to throw this out there. Another solution would instead of the Admin resetting the Passwords and then Syncing you can use Manage Engine or setup Write Back for the User to be able to Reset Passwords and it will change it on the On Prem AD and Sync to Azure AD and Office 365. I use Intune Policies to send out a Notification with a link to the Forgot My Password and when they go to the Link it changes it on site and syncs it.
    Yes it is Smoke and Mirrors but the passwords do get changed every 60 days or 120 depending on your password policy.
    I used that for the past few moths and it works great.
    I moved the On Prem AD Servers to Azure. I now going to go from Hashing to Pass Thru due to the High Available Set for the two AAD Servers that can take the added Authentication and I dont have to worry about the Server going down they are in Azures COLO.

Feedback and Knowledge Base