DirSync & change password at log on

I have been playing around with Azure AD in preparation for speaking at TechED NZ this year; once I got DirSync up and running I found that each new account that I created in my local AD could not log on to MyApps.microsoft.com unless I reset its password.

This puzzled me for a couple of nights….What was I doing wrong ?

It turns I was doing nothing wrong, what I was experiencing was the correct behavior when “User must change password at next log on” flag is set.  This flag is set by default when creating a new User Account using ADAC.

Unlike your local AD where staff get prompted to reset their password after logging in; when accessing MyApps.Microsoft.com staff get a user name or password  incorrect and they can click on the link to reset their password.

It would be nice if there was some way that Azure AD could prompt and say your Administrator has requested that you reset your password before you can log in 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s