Hi @HanakJ · Thanks for reaching out.
Checking the "User must change password at next logon" flag on a user object in on-prem Active Directory (AD) may cause this. Forcing a user to change their password on next logon requires a password change at the same time. Azure AD Connect will not pick up the force password change flag by itself; it is supplemental to the detected password change that occurs during password hash sync.
Support for temporary passwords in Azure AD for synchronized users is not enabled by default; it is enabled by running the following command on your Azure AD Connect server:
Set-ADSyncAADCompanyFeature -ForcePasswordChangeOnLogOn $true
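A way to check the current state before running the command in the answer above, as an added example that is not part of the original answer. It assumes an elevated session on the Azure AD Connect server with the ADSync module present and the RSAT ActiveDirectory module installed; the `pwdLastSet = 0` filter is how the "User must change password at next logon" flag appears on the AD user object.

```powershell
# Added example, not from the original answer.
# Assumptions: elevated PowerShell on the Azure AD Connect server,
# ADSync module available, RSAT ActiveDirectory module installed.
Import-Module ADSync
Import-Module ActiveDirectory

# 1. Read the tenant feature state before changing anything.
$features = Get-ADSyncAADCompanyFeature
Write-Host "PasswordHashSync           : $($features.PasswordHashSync)"
Write-Host "ForcePasswordChangeOnLogOn : $($features.ForcePasswordChangeOnLogOn)"

# 2. List enabled on-prem accounts that currently carry the
#    "User must change password at next logon" flag (pwdLastSet = 0).
#    These are the accounts whose sign-in behaviour depends on the feature.
$flagged = @(Get-ADUser -Filter 'pwdLastSet -eq 0 -and Enabled -eq $true' `
                        -Properties pwdLastSet, whenChanged |
             Select-Object SamAccountName, UserPrincipalName, whenChanged)

Write-Host "$($flagged.Count) enabled account(s) have the flag set"
$flagged | Sort-Object whenChanged -Descending | Format-Table -AutoSize

# 3. Enable the feature only if it is currently off, then read it back.
if (-not $features.ForcePasswordChangeOnLogOn) {
    Set-ADSyncAADCompanyFeature -ForcePasswordChangeOnLogOn $true
    $after = (Get-ADSyncAADCompanyFeature).ForcePasswordChangeOnLogOn
    Write-Host "ForcePasswordChangeOnLogOn is now: $after"
} else {
    Write-Host "Feature already enabled; no change made."
}
```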