azure-active-directory azure-ad-domain-services

Pass Through Auth (PTA) and Password Hash Sync (PHS)

In our environment, we are using pass though auth for Azure AD but for Azure AD Domain service, we need to enable Password Hash Sync as well. I have few questions on that:

1) Can we enable both PTA and PHS? 2) If above is possible, then which one will be the primary auth? 3) Can we enable PTA for Azure AD and PHS for Azure AD DS? 3) Can we make PHS primary and PTA as manual failover?

Thanks in advance

Solution

Currently, it's not possible to enable both PTA and PHS from one AAD Connect.

In the future, there may be have some other light tools for this but it has no ETA from Microsoft Azure AD Product Group.

Is there a query to run so I can get a list of users who has NOT logged in, in the past 30 days?
Access Sharepoint Online Files from .NET Worker Service via Microsoft Graph/OAuth - Unauthorized or Access Denied error (401)
Get-RemoteDomain in powershell exchange online error : The term 'Get-RemoteDomain' is not recognized as the name of a cmdlet
Azure Storage accounts container public access level has dissabled
How to get "exp" from jwt token and compare with it current time to check if token is expired
How to refresh client assertion in ConfidentialClientApplication?
Enforce MFA for specific API called from SPFx via AADTokenProvider (Even with SPO MFA)
How to extract TLS 1.X of all app services/web app running Azure
Why Can't I See Roles Assigned to an App Registration in Azure?
Connect C# ASP.NET Core web app to Microsoft Graph calendar
Is there a way to find out all users of a particular group in AzureAD?
MSAL Redirect on Failure AADSTS50105
Microsoft Power BI REST API PowerBINotAuthorizedException
AzureAD SAML SSO through AWS Cognito - doesn't match requested authentication method
How to get username after logged in?.I am trying with MSAL (@azure/msal-angular) for Azure Signin
Display all the user's files using Microsoft Graph API not working
Get Access Token from Microsoft Graph for ClientId with delegated permissions
How to call Microsoft Graph API from ASP.NET Core Web API that is called by SPA
add-kdsrootkey error the request is not supported
AADSTS50011: The redirect URI http does not match the redirect URIs
Access Token Issuer from Azure AD is sts.windows.net Instead Of login.microsoftonline.com
Getting user data through an Azure AD OAuth login - React Native Expo App
HTTP request to update Service Principal Entra
on-behalf-of flow, getting error AADSTS50013 while acquiring obo token
Azure AD B2C Password Reset
ASP.NET Core 5 WebAPI - Azure AD - Call Graph API Using Azure Ad Access Token
Programmatically Assign Exchange Roles to a Group in Azure AD using Microsoft Graph API
"AADSTS900144: The request body must contain the following parameter: 'grant_type'.?
Signature validation of my Azure access-token, Private-key?
Entra ID OIDC Failed Auth Attempt Logs