Forum Discussion
PHS remote users change password
Hello all We are currently in a hybrid PHS environment. We have SSPR turned on and its working. What i am trying to understand is how do we get "work from home users" to update their password? If th...
Hi, have a look at the "EnforceCloudPasswordPolicyForPasswordSyncedUsers".
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization#enforcecloudpasswordpolicyforpasswordsyncedusers
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization#enforcecloudpasswordpolicyforpasswordsyncedusers
- Its already turned on, but the flag “DisablePasswordExpiration” on the user account doesnt get removed until the user first changes their password
- I suppose you didn't enable it before enabling PHS then. And this is configured as well? https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr-writeback#enable-password-writeback-for-sspr
- PHS was enabled first, then we turned on "DisablePasswordExpiration". We have SSPR turned on, and password writeback, but allow "users to unlock accounts without resetting their password" is off. Again what i am trying to understand is how can i handle all of my work from home users ? considering they will never change there password because they never log into the onprem domain
