Windows 10: Privileged Access Workstations to manage On-Prem AD and Azure AD

Hi,I am looking for a PAW solution with which we can administer critical Tier0 On-Prem systems and also the high privileged Azure AD tasks For example; Global Admin tasks. Is there any article or source available which we can refer to get a better understanding on this. Could you please share ? Thanks in advance. Many Thanks & Best Regards,

:)

 

Disconnecting on prem AD and then joining Azure AD creates new Windows profile?

Hello everyone,

I have a question about joining computers in my firm from on prem AD to Azure AD. When someone new arrives at our firm (new employee), there is a fresh installation of Windows 10. It is easy to join Azure AD
because it is a fresh start, but now we have to migrate all Windows 10 users that are on prem AD to Azure AD. When I disconnect those users from our local on prem AD and join them to Azure AD, whole new Windows 10 profile is created, without any of settings,
data or anything else on that profile (clean profile with few applications that are installed computer-wide). So my question is, is there any solution to keep their profile settings from before they joined Azure AD? Or I will have to simply tell them to backup
everything (essential data).

What I tried so far:

• Tried tools for migration like ForensiT (User Profile Wizard, User Profile Manager and Transwiz, just to see if it is going to work) - not successful
• Tried changing profile path from registry - not successful
• Tried log in with the old credentials example: CONTOSO\user (because after I joined that computer to Azure AD user should log in as *** Email address is removed for privacy ***) - not successful

Is there anything else I can try? Thanks for your answers.

 

Azure AD Banned Password List without On-Prem Agent

Hi All,

I am considering enabling banned password list for our Azure AD in our hybrid environment and want to ask, how doing that will affect our environment if we do not install the on-prem DC agent, as our on-prem does not meet minimum requirements.

Which password resets and changes will be validated through banned password list and which will not?

Will 'noncompliant' passwords synced from on-prem to Azure AD be causing issues?

TIA,

W

 

Azure AD Banned Password List without On-Prem Agent

Hi,



Thank you for writing to Microsoft Community Forums.



I understand your query regarding Azure AD Banned Password list without On-Prem agent.



We do have a dedicated forum for issues concerning to Azure AD, let me point you in the right direction, where you may find appropriate support for the issue. I would suggest you to post your query in
Microsoft Q&A, where we have support professionals to address your query.



Article for reference:

• Eliminate bad passwords in your organization
  
• Configuring the custom banned password list
  
• Azure AD Password Protection on-premises - Frequently asked questions
  

I hope your query gets resolved at the earliest.



Regards,

Nikhar Khare

Microsoft Community - Moderator