Enable Password writeback for Azure AD


Once again I have found that there is always someone to learn from, which is good news to me. It means I don’t need to work alone anymore.

We have had this problem ever since we started using Office 365. All of our users are hosted on the local LDAP server and synced to Azure AD with Azure AD Connector. As a result, end users cannot reset their password directly from Office 365, because the default Office 365 A5 license does not allow a password reset in the cloud to be written back to the local LDAP server. We confirmed with Microsoft that we would have to order Azure AD Premium licenses, which are too expensive for a school.

However, we heard from a friend in a WeChat group that once you have one Microsoft 365 A5 license, you can enable the password writeback feature for your whole tenant. We had already ordered some Microsoft 365 A5 licenses to activate the ATP service to protect our data, so why not turn on the password writeback feature and try it? If it works, teachers no longer need to log in to any third-party service to reset their password on the local LDAP server.

Let’s see how to do it. First, make sure a Microsoft 365 A5 license is assigned to your account so that you have permission to change the setting. My previous tutorial showed how to do that, so let’s skip this step.

Log in to Azure AD with the account that has the Microsoft 365 A5 license, using the link below: https://azure.microsoft.com/en-us/services/active-directory/


Click into the “User” field.


Click into “Password Reset”.


Under “On-premises integration”, switch “Write back passwords to your on premises directory” to Yes.


Then, under Properties, select which users can use password writeback. I personally suggest choosing All so that everyone gets permission to reset their password directly from Office 365.


With that, the password writeback feature is enabled for your tenant. Now let’s look at how end users reset their password on their side.

Sign in to Microsoft O365, then click the person icon in the top right corner → My account.


Click Security & privacy in the left panel, then click Password.


Type in your old password for verification, then type in your new password and submit.


Tips:

Keep in mind that new AISG passwords must meet at least three of these four criteria:

  1. minimum 8 characters in length
  2. include letters and numbers
  3. include at least one capital letter
  4. include at least one special character

Additionally, you cannot reuse a recent password.