Forum Discussion
Password Expiration with AAD connect Password hash sync
When Password Sync is enabled, the cloud password for a synchronized user is set to “never expires”. This means that the password synchronized to the cloud is still valid after the on-premises pass...
You can certainly create some script or custom AAD Connect rules to disable the user upon password expiration, or force a password change in O365. But there is no out of the box solution, if that's what you ask for.
- Or also switch over to a pass-through authentication model. This was your auth gets passed via agent to have your AD do the auth. This will follow all local AD rules.
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta-quick-start
