Multiple Azure AD Password Policies

%3CLINGO-SUB%20id%3D%22%5C%26quot%3Blingo-sub-3165917%5C%26quot%3B%22%20slang%3D%22%5C%26quot%3Ben-US%5C%26quot%3B%22%3EMultiple%20Azure%20AD%20Password%20Policies%26lt%3B%5C%2Flingo-sub%26gt%3B%3CLINGO-BODY%20id%3D%22%5C%26quot%3Blingo-body-3165917%5C%26quot%3B%22%20slang%3D%22%5C%26quot%3Ben-US%5C%26quot%3B%22%3E%3CP%3EHello%2C%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3Eworking%20with%20a%20complex%20Azure%20AD%20which%20contains%20different%20kind%20of%20users%3A%3CBR%20%2F%3E%3CBR%20%2F%3E%26lt%3B%5C%2FP%26gt%3B%3CUL%3E%3CLI%3EAD%20Synced%20Users%26lt%3B%5C%2FLI%26gt%3B%3C%2FLI%3E%3CLI%3ECloud%20Only%20Users%20within%20different%20Administrative%20Units%20(Countrys)%26lt%3B%5C%2FLI%26gt%3B%26lt%3B%5C%2FUL%26gt%3B%3CP%3EIs%20there%20any%20option%20to%20enforce%20different%20kind%20of%20password%20policies%20for%20them%3F%3CBR%20%2F%3EEspecally%20the%20synced%20Users%20should%20get%20no%20Azure%20AD%20Policy%20because%20the%20AD%20Sync%20is%20one%20direction.%3CBR%20%2F%3EThe%20secound%20group%20use%20different%20policies%20on%20their%20local%20ADs%2C%20sure%20the%20Azure%20AD%20Account%20is%20separated%20but%20the%20like%20to%20have%20their%20own%20%22rules%22%20%3F%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%26lt%3B%5C%2FP%26gt%3B%3C%2FP%3E%3CP%3EPlease%20point%20out%20any%20informations%2C%20technical%20od%20public%20adivce%20and%20adoption%20documents.%3CBR%20%2F%3EThx%26lt%3B%5C%2FP%26gt%3B%26lt%3B%5C%2Flingo-body%26gt%3B%3CLINGO-LABS%20id%3D%22%5C%26quot%3Blingo-labs-3165917%5C%26quot%3B%22%20slang%3D%22%5C%26quot%3Ben-US%5C%26quot%3B%22%3E%3CLINGO-LABEL%3EAzure%20Active%20Directory%20(AAD)%26lt%3B%5C%2Flingo-label%26gt%3B%3CLINGO-LABEL%3EPassword%20Protection%26lt%3B%5C%2Flingo-label%26gt%3B%26lt%3B%5C%2Flingo-labs%26gt%3B%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3C%2FP%3E%3C%2FLI%3E%3C%2FUL%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3C%2FLINGO-SUB%3E
Occasional Contributor

Hello,

 

working with a complex Azure AD which contains different kind of users:

  • AD Synced Users
  • Cloud Only Users within different Administrative Units (Countrys)

Is there any option to enforce different kind of password policies for them?
Especally the synced Users should get no Azure AD Policy because the AD Sync is one direction.
The secound group use different policies on their local ADs, sure the Azure AD Account is separated but the like to have their own "rules" ?

 

Please point out any informations, technical od public adivce and adoption documents.
Thx

1 Reply
Azure AD password policy only applies to Azure AD accounts and not for Synchronized accounts. You can find more information here - https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#:~:text=A....