question

LeoJohnson-5897 avatar image
0 Votes"
LeoJohnson-5897 asked

Use a service account to configure the Pass-trough Authentication Agent

Hi all,

At the moment we are using 1 Azure AD Connect server with Pass-trough Authentication configured.

One of our former employees installed a second server for Pass-trough Authentication high availability.

I'm reading his documentation: He installed the Pass-trough Authentication Agent with his own credentials and connected with his own Azure Admin account the agent to Azure AD.

Is this best practice? Don't you need to use a service account?

Will there anything go wrong when we delete the account of the former employee?

Please, let me know!

Leo

azure-ad-connectazure-ad-pass-through-authentication
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered

Hi @LeoJohnson-5897,

The How to Connect PTA Quick Start guide says to configure it with the global tenant admin credentials, and that is always how I have done it as well.

Where do you see guidelines recommending a service account? To which step are you referring?

[2]: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-how-it-works

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.