启用AAD域服务 - 仅现有云用户帐户密码重置 [英] Enable AAD Domain Services - existing cloud only user accounts password reset

问题描述

如果启用AAD域名服务，是否要求所有仅限云用户都需要重置其密码？

if i enable AAD domain services is it required that all the cloud only users need to reset their passwords?

https ：//docs.microsoft.com/en-us/azure/active-directory-domain-services/active-directory-ds-synchronization

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/active-directory-ds-synchronization

启用Azure AD域服务时，Azure AD目录会在NTLM&中生成并存储密码哈希值。 Kerberos兼容格式。

When you enable Azure AD Domain Services, your Azure AD directory generates and stores password hashes in NTLM & Kerberos compatible formats.

对于现有的云用户帐户，由于Azure AD从不存储其明文密码，因此无法自动生成这些哈希值。因此，Microsoft要求 

For existing cloud user accounts, since Azure AD never stores their clear-text passwords, these hashes cannot be automatically generated. Therefore, Microsoft requires cloud-users to reset/change their passwords in order for their password hashes to be generated and stored in Azure AD. For any cloud user account created in Azure AD after enabling Azure AD Domain Services, the password hashes are generated and stored in the NTLM and Kerberos compatible formats.

推荐答案

Hello Azmat，

Hello Azmat,

对于需要使用Kerberos / NTLM进行身份验证的所有云帐户，需要输入密码重置是强制性的。 

For all the cloud accounts that need to authenticate using Kerberos/NTLM , a password reset is mandatory. 

这篇关于启用AAD域服务 - 仅现有云用户帐户密码重置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！