Rollover Kerberos Decryption Keys – Azure AD Connect

Our site has been running Azure AD Connect/Hybrid Azure for over a year now. I’m attempting to rollover the decryption keys this month and have been receiving this error: I’ve attempted to complete the following so far: Manually go through the synchronization service, and verifying that password synchronization is setup and has a green checkbox. … Read more

New Domain: Cannot synchronize new domain way after 72 hour tenant window has closed

We have a tenant:, which behind the scenes has changed its internal active directory. We tore down the old domain, disconnected the old domain, waited the requisite 72 hours, and still cannot get the new domain to synchronize. We cannot even start over with a new domain on the Azure tenant because we cannot … Read more

WHfB – Hybrid Certificate Trust – Failed provisioning

After setting up Windows Hello for Business, in a Hybrid Azure AD joined Certificate Trust Deployment scenario, i ended up with the following events in my test client machine after a failed provisioning. I reviewed my setup, but i must be missing something. Any help would be highly appreciated. ############################## Microsoft-Windows-AAD/Operational TimeCreated : 13/05/2020 11:57:04 … Read more

On-Prem AD to Azure AD Sync with existing users in both

I have an on-prem active directory domain called I also have an Azure AD domain called The two are not synchronized at the moment. What I want to be able to do is enable directory synchronization between on-prem and Azure AD. This brings me to the issue at hand. I have a user … Read more

Disabling Synchronization Rule – Out to AD – User NGCKey in AzureAD Connect

I have an on-premise deployment of Windows Hello for business [Certificate Trust] using ADFS 4.0 DRS. I also have an O365 Apps for Enterprise (Pro-plus) subscription. The identities (users only) are synced from on-premise to Azure AD. Only 8 attributes (Required for O365 Pro-plus is synced), [App Filtering in used] accountEnabled cn displayName objectSID pwdLastSet … Read more

Changing the synched on-premise active directory to azure AD

I’ve got a new customer which already has an Azure AD sync from his on-premise active directory with Azure AD Connect. The goal is to set up a new Azure AD Connect to sync a new different on-premise AD to the existing Azure AD. The customer is using Exchange Online primarily. Is there anything I … Read more

How Reset Desktop password using Azure self service password reset?

We have hybrid Network and 75% of users are available on O365 joined and 25% users are still using on premise active directory and exchange emails. With covid pandemic, All employees are working from home. We need to enable self service password reset. Because many users get locked and forget their password when they at … Read more