Azure Password Writeback

What is password writeback in Azure AD?

In this article, we will discuss what is password writeback, its features, and how to enable password writeback in Azure AD, etc.

Azure Password Writeback

Password writeback is an excellent feature that helps when you change your password for your Azure AD in the cloud, which will automatically write back the password to your existing on-premises directory.

You can enable the password writeback feature via Azure AD Connect and SSPR.

Features Of password writeback in Azure AD

Let’s discuss a few key features of Azure AD password writeback.

No-delay Response

While trying to change the password, if in case it doesn’t meet the password policy or due to some reason you are not able to update your passwords, the writeback feature helps you with an immediate notification on the detailed reason.

No inbound firewall rules are needed

You don’t need any inbound firewall rule in case of Password writeback, as all communication is outbound over port 443.

Ensures your password meets your on-premises AD DS policy

Once you are trying to reset your password, before updating, this feature ensures that the password entered by you meets your on-premises AD DS policy in terms of complexity, age, history, restrictions, etc.

How do I enable writeback password in Azure?

Follow the below steps to enable password writeback for SSPR.

  1. Use your global admin account credentials to log in to Azure Portal.
  2. Once you have logged in to the portal, search for Azure Active Directory and click on the search result Azure Active Directory.
  3. Click on the Password reset from the left navigation –> Then select On-premises integration.
  4. Set Yes for the option  Write back passwords to your on-premises directory?.
  5. Then, set Yes for the option that allows users to unlock accounts without resetting their password.
  6. Finally, click on the Save button to save the changes.


How long does password writeback take to work

Answer: Under 500 ms.

How to check if password writeback is enabled

Answer: Run the Get-ADSyncAADCompanyFeature PowerShell command.

What types of accounts does password writeback work for

Answer: Synced IDs

You may also like following the articles below

Wrapping Up

In this Azure article, we discussed what password writeback in Azure AD, its features, and how to enable password writeback in Azure AD, etc is. Thanks for reading this article !!!