Hi Mourik Jan,
what a great tool. :(
Did you try pass-through authentication as suggested by Microsoft?
If this does not help, it seems that this would require some regular
check of the users and communication with Azure. So it could be done as
a LAM Pro cron job.
But it seems there are already people who published scripts that can be
run periodically and do the same job. So it seems there are already
solutions for this issue.
Best regards
Roland
Am 14.06.21 um 21:53 schrieb mj:
Hi!
No, it's not a bug, it's something microsoft knows about:
https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/31459621-sync-account-expired-useraccountcontrol-to-azure
and there are numerous descriptions and workarounds available on the
internet, like:
https://techcommunity.microsoft.com/t5/office-365/password-expiration-with-aad-connect-password-hash-sync/m-p/329248
Just google it.
It is something many people on the planet solve in many different ways,
and to have LAM take care of it, would be ideal for us, as LAM knows
everything that's needed to take care of this.
MJ
On 6/14/21 8:38 PM, Roland Gruber wrote:
Hi Mourik Jan,
Am 14.06.21 um 19:18 schrieb mj:
Here it goes: One of the problems with syncing local AD (like samba)
accounts to the Azure AD cloud (when including password hashes) is
the fact that when local AD passwords expire or accounts become
disabled, the linked account (+ password hash) in Azure AD remains
unaffected.
this sounds like a bug in the sync tool. I would suggest to address it
there first.
You could implement some workaround using LAM with custom scripts:
https://www.ldap-account-manager.org/static/doc/manual/ch04s26.html
But this is really just a workaround. The clean solution would be to
fix the sync tool.
Best regards
Roland
_______________________________________________
Lam-public mailing list
Lam-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lam-public
_______________________________________________
Lam-public mailing list
Lam-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lam-public
