Azure AD

[Scott Green]

Are there any special steps I need to take for using PWM with Azure AD?  Do I need to enable anything on the Azure side to allow that process?

Thanks,

Scott

[Jason Rivard]

You will need to enable LDAPS in azure:

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/configure-ldaps

Also my experience with Azure's LDAP service is that sync with an Azure domain can take up to a full hour from the domain to LDAP.  From LDAP to domain is immediate.  So if you use a domain tool (such as logging in to the azure dashboard) and setting a user password it can take up to an hour before it will appear to LDAP (and thus to SSPR).  In practice this shouldn't be an issue but while configuring and testing it is a major pain and confusion point.

[Scott Green]

Is there a good way to sync an AD password to an Office 365 / Azure user?  Or a process to run that will sync the password when it's reset?

Thanks,

Scott