What is the authentication mechanism process between on premise AD and O365?

Hi,

I try to understand the authentication mechanism with O365 if we decide to go in cloud. For Example if a user change his AD password then how it will take to sync to O365?

Is it synced by Azure AD Connect? If yes how often or how long does it take to sync the pw change?
LVL 1
SAM2009Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AmitIT ArchitectCommented:
Azure AD Connect is used to sync password and other attributes. By default is 30 mins. Refer: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-feature-scheduler

Read this also: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization

Remember, password in clear text never sync. Even in your local lan also, password never travels between client and server.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SAM2009Author Commented:
But when a user change his pw is it really takes also 30 min or the process is considered as a priority and it goes faster?
0
AmitIT ArchitectCommented:
Password changes are replicated within 2-3 mins. However, If you ask my suggestion you better use ADFS or Pass-through authentication.
0
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

IvanSystem EngineerCommented:
Hi,

no, it will sync right away. Password change will force sync right away.
If you use passthrough or ADFS then you would be using your DC and there would be no need to sync passwords.

Regards,
Ivan.
0
SAM2009Author Commented:
So why we use AD Connect then instead of using ADFS or passthroug?
0
AmitIT ArchitectCommented:
AD connect is work as a bridge between on-premises and cloud to replicate your on-premises users to cloud. It is not just password. ADFS is been around for long time for SSO. Pass-through is the latest edition. So, Microsoft is improving day by day and making it easier for customer to move to cloud.

Check: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta
0
SAM2009Author Commented:
Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.