Hi @Vasil Michev .
But this is a security risk, isn't it? If we disable an account and it's still enabled in AzureAD so the leaver can still access the cloud resources especially when we have synced the password.
Cheers,
Narayan
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi There,
If I disable any account in on-premises DC, does this syncs immediately like passwords?
If not, how can I make sure it does?
Cheers,
NG
Hi @Vasil Michev .
But this is a security risk, isn't it? If we disable an account and it's still enabled in AzureAD so the leaver can still access the cloud resources especially when we have synced the password.
Cheers,
Narayan
No, it syncs like any other attribute, 30 mins by default. You can force a sync as detailed here: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-feature-scheduler#start-the-scheduler
Start-ADSyncSyncCycle -PolicyType Delta