cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

AD Connect passthrough authentication fails for some users

mark1nh
Occasional Contributor

‎Jun 27 2022 04:54 AM - edited ‎Jun 28 2022 02:38 AM

‎Jun 27 2022 04:54 AM - edited ‎Jun 28 2022 02:38 AM

AD Connect passthrough authentication fails for some users

Hi

with Azure AD Connect passthrough authentication we see "50126 InvalidUserNameOrPassword" for some users.

In C:\ProgramData\Microsoft\Azure AD Connect Authentication Agent\Trace\AzureADConnectAuthenticationAgent_....

I can see the corresponding error: 

"Passthrough Authentication request failed....  Reason: '1326'."

The majority of users authenticates ok in azure.

 

In the trace Log I see many System.OperationCanceledException

 

At the AD Domain Controllers I see no "badpassword". I guess at some point Azure AD Connect decides the username is wrong - but there is no differnce in UPN compared to working users.

 

where can i find a solution?

 

best regards

Markus

 

 

 

 

 

Labels:
182 Views
0 Likes
1 Reply
Reply
1 Reply
mark1nh

‎Jul 02 2022 11:44 AM

‎Jul 02 2022 11:44 AM

Re: AD Connect passthrough authentication fails for some users

answering my own question:

the onpremisesuserprincipalname has to be set to the correct value in Azure AD. We did not know about this attribute. Our Azure UPN does not match the one premises one.
It seems PTA uses the onpremisesuserprincipalname to authenticate.
0 Likes
Reply