question

knollknows-8233 avatar image
0 Votes"
knollknows-8233 asked MarileeTurscak-MSFT answered

Azure AD Users cannot logon to on premises workstations

Hello,

I have setup Azure AD Connect, can validate the AD replications of users (from on prem) appear in the Azure AD portal. All 'looks well' however, I cannot seem to be able to logon with these Azure AD users. The Azure AD users that I created via the Azure Portal CAN logon to Azure AD Joined machines. These same users however, cannot logon to on premises workstations that are domain joined.

I have tried doing a password reset, validated the users can logon to portal.azure.com with password, can logon to Azure AD joined machine, but with on premises workstation, the message is 'incorrect username/password".

Thanks in advance for any/all help.

-Noel

azure-ad-connect
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered

Hi Noel,

If you have reset the passwords and the users can log into the portal but not to the on-premises machines, please ensure that password writeback is set up properly. https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr-writeback

You'll need to enable it both in AAD Connect and in the portal if you haven't already. https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr-writeback

If it's already enabled and you are still seeing this issue, I would suggest confirming the network connectivity, restarting the AAD Connect Sync service if needed, installing the latest AAD Connect release, and disabling and re-enabling the writeback service. There are more troubleshooting steps in this guide: https://docs.microsoft.com/en-us/azure/active-directory/authentication/active-directory-passwords-troubleshoot

Restarting the sync service:
7860-adconnectsyncrestart.png



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.