Password Writeback General Questions

Catherine Meyer 21 Reputation points
2021-03-31T00:18:22.563+00:00

So, I'm trying to understand some more intricate inter workings of PasswordResetService. Unlike the pass-through authentication feature, there is no windows service that runs for password writeback. It is my understanding that password writeback uses a service bus relay that's specific to the tenant. Why do I not see that in my tenant, and how is this working under-the-hood? Is there no need for multiple "instances" like there is for pass-through Authentication? Is it a WCF service, and if so, what is that doing, and how is high availability acconted for?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,468 questions
0 comments
Accepted answer
  1. Andy David - MVP 141.6K Reputation points MVP
    2021-03-31T12:02:05.303+00:00

    its enabled with AADConnect:

    https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-writeback
    https://learn.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr-writeback

    If you want redundancy, you can have more than one AADConnect serve, but only one server at a time can sync with the tenant, the other server is in staging mode but can easily be switched if necessary.

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Catherine Meyer 21 Reputation points
    2021-03-31T17:05:15.413+00:00

    @Andy David - MVP thanks for the response! Just want to be clear in my understanding, the writeback service isn't actually a windows service? It's just a WCF endpoint that is created when you choose to enable password writeback in AAD Connect?