Forum Discussion
Windows Live Custom Domains causes Entra account lockout
Hi everyone, we have an on-prem AD connected with EntraConnect to EntraID since about 3 years. We only sync users and groups, no password hash or anything else. Since a few days 4 (out of about 250)...
Disabling SMTP Auth in Exchange didn’t resolve the issue, as it didn’t revoke all user sessions.
The challenge is that Windows Live Custom Domain is a very old application. It doesn’t appear under Enterprise Apps, which means we cannot block sign-ins for it, and Conditional Access policies aren’t being applied.
As a workaround, I’ll try creating the app in our tenant via MS Graph, using the same AppID and DisplayName, just in case it helps.
I’ve also raised a support ticket with Microsoft and am waiting for their response. It seems we’re not the only ones facing this issue.
https://www.reddit.com/r/entra/comments/1nozmi8/password_spray_attack/