Password writeback in Azure AD – Writeback

7 January 2021, by angelusadeuszabulus

By enabling the password writeback feature, you can synchronize password changes in Azure Active Directory with your on-premises Active Directory environment.

 

Azure AD password writeback prerequisites

To use password writeback, you must have one of the following licenses assigned to your tenant.

  • Azure AD Premium P1
  • Azure AD Premium P2
  • Enterprise Mobility + Security E3 or A3
  • Enterprise Mobility + Security E5 or A5
  • Microsoft 365 E3 or A3
  • Microsoft 365 E5 or A5
  • Microsoft 365 F1
  • Microsoft 365 Enterprise
  • Microsoft 365 Business Premium

 

Configure password writeback in Azure AD

  • Start the Azure AD Connect setup wizard and, on the Welcome page, select Configure.
  • On the Additional Tasks page, select Customize Synchronization Options.
  • On the Sign in to Azure AD page, enter global administrator credentials, and then select Next.
  • Click Next on the “connection directories” and “domain filtering / OU” pages.
  • On the Optional Features page, enable password writeback.
  • Click Configure.

With the steps above, you have enabled password writeback in Azure AD. In the next step, we will activate the password writeback option in SSPR (Self-Service Password Reset).

 

Enable the password writeback option in Azure AD

  • Open the Azure portal and sign in with a global administrator account.
  • Go to Azure Active Directory and click Reset Password.
  • In the left pane, select Properties.
  • Under Self-service password reset, select All.
  • In the left pane, select Authentication method.
  • In the right pane, choose the number of methods required to reset a password and the methods available to users (“Email – Mobile phone – Security questions”).
  • In the left pane, select Registration.
  • Decide, according to your organization's needs, whether to force users to register when they sign in.
  • In the left pane, select On-premises integration.
  • In the Rewrite passwords to your local directory pane, select Yes.
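
Once both parts are configured, the result can be checked from the Azure AD Connect server itself. The script below is an added example, not part of the original article: it reads the writeback state of the Azure AD connector and lists recent writeback events after a test reset. It assumes the ADSync module installed with Azure AD Connect, a connector that keeps its default name ending in " - AAD", and events logged under the PasswordResetService source.

```powershell
# Added example: run in an elevated PowerShell session on the Azure AD Connect server.
# Read-only: it changes no configuration.
Import-Module ADSync -ErrorAction Stop

# Assumption: the Azure AD connector keeps its default name,
# "<tenant>.onmicrosoft.com - AAD". Adjust the filter if it was renamed.
$aadConnectors = @(Get-ADSyncConnector | Where-Object { $_.Name -like '* - AAD' })

if ($aadConnectors.Count -ne 1) {
    throw "Expected exactly one Azure AD connector, found $($aadConnectors.Count). Set the connector name manually."
}

$connectorName = $aadConnectors[0].Name
Write-Host "Password writeback configuration for connector '$connectorName':"

# Current password reset (writeback) configuration of that connector.
Get-ADSyncAADPasswordResetConfiguration -Connector $connectorName | Format-List *

# Recent writeback activity. Assumption: the writeback service logs to the
# Application log under the source 'PasswordResetService'.
$events = Get-WinEvent -FilterHashtable @{
    LogName      = 'Application'
    ProviderName = 'PasswordResetService'
} -MaxEvents 20 -ErrorAction SilentlyContinue

if (-not $events) {
    Write-Host 'No PasswordResetService events found yet. Perform a test reset with a synchronized account and run the check again.'
}
else {
    # Warnings and errors here usually point to connectivity or permission problems.
    $events |
        Select-Object TimeCreated, Id, LevelDisplayName, Message |
        Format-Table -AutoSize -Wrap
}
```

Run it again after resetting the password of a synchronized test account through SSPR: new events from that reset show whether the change reached the on-premises directory.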

In this article, you have seen how to enable and configure password writeback in your Azure AD hybrid environment.