Password reset not working because password writeback not working in portal.azure.com
Basically, I missed 2 steps. Apart from the above settings in the question itself,
(1) Self service password reset should be turned on,
and from on-premises integration, "write back passwords to on-premises directory" should be enabled.
Also, this needs an Azure P2 or similar license, and besides, when a user logs in it will ask to provide mobile/and different email.
Users themselves can reset passwords now, and Passwordwrite works and sync works as expected.
Aravinda
Updated on September 18, 2022
Comments
-
Aravinda over 1 year
I have a problem with portal.azure.com user password reset. I have configured hybrid identity with single sign on in Azure AD and on-premises AD. The connection was made via Azure AD Connect. The problem is I have configured password writeback already in AD Connect. Yet when I try to reset a password of a Windows Server AD user (for example "n3 n4" user in the below image) which is already populated in Azure AD, it says **Unfortunately, you cannot reset this user's password because password writeback is not enabled in your tenant.** But users made in Azure Active Directory (for example "admna" in the below image) can be reset.
This same Azure tenant has an Office 365 tenant as well. If I reset a user password via Office 365, the reset is successful, yet then there are two passwords, one for on-premises Windows login and the other for Office 365. Apparently Office 365 can reset the password and it's not synced to the local AD, while the Azure portal can't reset the password at all.
I can reset passwords via local AD and successfully sync to the cloud. If I reset via local AD, it will sync without any issue. Apparently sync works one way, from local to cloud and not vice versa.
When we look at directory sync, no issues are reported. (All green)
And here are my AD Connect settings, where the "Adsync" user is an enterprise admin.
Also, the "Adsync" user has full control over Active Directory Users and Computers in the below manner.
And the Azure global admin (admna) used to sync has the following license. (https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-whats-next)
No matter what password reset in Azure says,
Please guide me what I'm messing up? Which direction should I take to troubleshoot/fix this? Any help would be appreciated.
Thanks in advance for your valuable time spent on this.
KR
Aravinda
-
joeqwerty almost 6 years
Please guide me what I'm messing up? which direction I should take to troubleshoot/fix this?
Open a support request from the Azure Active Directory admin center.
-
Aravinda almost 6 years
@joeqwerty thanks. I opened a ticket at Microsoft as you said, and an expert from Microsoft called SureshKumar Chintalapally helped me and the issue is resolved. I had missed a few steps and now all is OK. I will update the answer in a moment.
-