Forum Discussion
Why can an account expire on-prem and still access email, Teams, etc.?
Hello everyone! I am currently dealing with an issue where one of my user's accounts expired on our prem solution (which should be synced with AD through AD Connect), but they can still access t...
account expiration isnt a replicated value of Adconnect
unless you have something onprem running to check expirations & then disable the local AD Account once expiration has been reached the users will still be able to sign in /user Azure/365 resources since to Azure AD the user is still enabled
unless you have something onprem running to check expirations & then disable the local AD Account once expiration has been reached the users will still be able to sign in /user Azure/365 resources since to Azure AD the user is still enabled
Yeah, it's explained in the above links. If applicable one can use the EnforceCloudPasswordPolicyForPasswordSyncedUsers
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization#enforcecloudpasswordpolicyforpasswordsyncedusers
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization#enforcecloudpasswordpolicyforpasswordsyncedusers
- Ok, I was reading the OPs post from the view of AD account expiration, not password expiration
TuckerGreen, can you confirm if you were dealing with PW expiration or AD account expiration- That's the first of the two links above 😉 I changed the display name to make it clearer.
- gotcha