an OU is created in the Active Directory. but when I'm trying to select that in "password policy". the Adaxes is not allow for me to choose OU. only AD users and groups can be selected. is there any way to choose OU?
Hello Justin,
Do we understand correctly that you mean scopes of domain password policies? If that is correct, there is no possibility to select OUs in the scope, only specific users and groups.
We are looking for a tool that can support a blacklist for password resets and that will enforce this blacklist to certain OU groups but not others, or potentially use a whitelist of users that it will not be enforced upon.
I did some testing around Fine Grained Paswword Policy and Adaxes. See my previous post. It seems to be OK. HOWEVER If I use the Adaxes web portal to view a user's ... the default domain policy and not the true one as of the FGPP as implemented by Adaxes.
I have created a fine grained password policy in Adaxes with expiry dates in 100 days. It appears to work. However ADUC still show the accounts expirying in 42 days as ... Adaxes or only reflect the domain policy even if it no longer applies to the user?
Currently, it is not possible to manage Azure AD password policies via Adaxes. Cause Microsoft Graph API currently doesn't support password policy management. The issue is outlined here.
We use a third party tool to enforce stronger password policy than what AD allows. Is there a way to change the text on password change windows to reflect this?