cloud accounts. password policies

Jerry Seinfield
Jerry Seinfield used Ask the Experts™
on
Hi Experts,

In a Federated identity model, where an organization has a hybrid environments [AD on prem-Azure, Office 365], multiple DCs in Azure and ON prem, ADFS, Azure connector servers, and so on, I do have a question related cloud accounts:

•Are they managed in Azure AD?
•Are the password requirements the same as on-prem AD accounts, meaning the complexity/length and the frequency of how often they must change.

We do know for fact, that in a federated identity model, every time an account is created on PREM, is automatically synched to the tenant , and password policies are handled on prem because of the ADFS implementation model, but my queries are more related when an account is created from the azure or O365 portal. By the way, we do have password write back implemented on the tenant, to sync any changes on the tenant back to on prem

Please, elaborate your answers, looking for more than a copy paste from Azure links

Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2015
Distinguished Expert 2018
Commented:
That's usually what is designated as "cloud account" - account created and managed directly in Office 365/Azure AD. The Azure AD password policies apply for such accounts, as they are not "connected" in any way with your on-premises environment. You have some control over the policies, but in general if you want them to match the on-premises ones, you should "link" such accounts to on-premises object.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial