Passthrough Authentication - cloud and synced users





We have a hybrid setup with AAD Sync and Passthrough Authentication enabled. In our setup we have a few offices across Europe with replicated domain controllers. AAD Sync is installed on a server at the main site only. 


We have started to convert some accounts to cloud only and also started to create cloud-only accounts (only present in AAD). What we noticed is that some cloud users cannot sign in to their computers (Intune), where they get the error "The user name or password is incorrect", and on the AAD Sync Server I can see the error code 1326.


I now wonder if this can be caused by the Passthrough Authentication, and whether we should have it disabled and use the Password Sync instead?


To make things more complicated, when signing in with an account that is having issues from our main office, where the primary DC and AAD Sync are present, it works, but when signing in from a branch office it fails.


