We are currently investigating how we can best implement this feature.
Anthony Minardi commented
Before I get into it, I want to agree with Ann. The switch from Password Hash to Pass-Through will get it done, but it will put a strain on your on-prem AD, and if the AD goes down no one will be able to authenticate or log in. You will need the service running in a highly available setup. Just wanted to throw this out there. Another solution: instead of the admin resetting the passwords and then syncing, you can use ManageEngine or set up Write Back for the user to be able to reset passwords, and it will change it on the on-prem AD and sync to Azure AD and Office 365. I use Intune policies to send out a notification with a link to the Forgot My Password, and when they go to the link it changes it on site and syncs it.
Yes, it is smoke and mirrors, but the passwords do get changed every 60 days or 120 depending on your password policy.
I used that for the past few months and it works great.
I moved the on-prem AD servers to Azure. I am now going to go from Hashing to Pass-Through due to the Highly Available Set for the two AAD servers that can take the added authentication, and I don't have to worry about the server going down; they are in Azure's colo.