I understand that, however i wanted to avoid all dependencies with onprem agents.
password hash sync locked AD accounts
Hello all
Thinking about moving from ADFS auth to password hash sync, however i would like to get an understanding how other companies are handling the below limitations of PHS ?
1.locked onprem not respected in Azure
2.password is expired not respected in Azure
3.restricted logon hours not respected in Azure
4.password is expired not respected in Azure
2 answers
Sort by: Newest
-
-
Vasil Michev 96,436 Reputation points MVP
2020-04-30T20:02:06.413+00:00 Instead of PHS, enable PTA+SSO. Not only it will address all the above concerns, but will give your users a seamless SSO experience similar to AD FS. https://learn.microsoft.com/en-us/azure/active-directory/hybrid/plan-migrate-adfs-pass-through-authentication