Event details

Join Microsoft MVP IT experts to explore crucial factors, practical starting points, and insights for a seamless transition from an on-premises infrastructure to Microsoft Intune. Learn what to watch...
Char_Cheesman
Updated Dec 27, 2024
Technical Takeoff
spfuller's avatar
spfuller
Copper Contributor
Nov 28, 2023
Do you need to allow password write-back from Entra ID to AD to allow users to change their password on a cloud native machine? Or is there another way?
  • MichaelHildebrand's avatar
    MichaelHildebrand
    Icon for Microsoft rankMicrosoft
    Nov 28, 2023
    How is the password change initiated from the cloud-native machine?
    • Mirko Colemberg's avatar
      Mirko Colemberg
      MVP
      Nov 28, 2023
      Basicaly it’s user managed on the AADJ device with the SSPR or myaccount.microsoft.com web browser, the policy is still a GPO on the DC for local AD and/or managed trough CSP to the devices.
    • spfuller's avatar
      spfuller
      Copper Contributor
      Nov 28, 2023
      For example, using ctrl+alt+delete \ change a password, takes you to "My Account" in a browser. From there you can select Change Password, which I assume will change it in Entra ID.
      • Mirko Colemberg's avatar
        Mirko Colemberg
        MVP
        Nov 28, 2023
        Yes, and if you have write back enabled it will sync strait to the AD.
  • MirkoColemberg's avatar
    MirkoColemberg
    Copper Contributor
    Nov 28, 2023
    For that case you have to enable SSPR (Self Service Password Resert) that you also can show the User on the Logognscreen the "forgoth Password" then you have to enable the Write back from EntraID ot AD. Personally I recommend to do so.