What is password writeback?

Password writeback is a feature of Microsoft Entra Connect. It ensures that when a password changes in Microsoft Entra ID (password change, self-service password reset, or an administrative change to a user password) it is written back to the local Active Directory (AD) – if it meets the on-premises AD password policy. 

What is password writeback

Technically, a password writeback operation is a password “reset” action. Password writeback removes the need to set up an on-premises solution for users to reset their password. It all happens in real time, so users are notified immediately if their password cannot be reset or changed for any reason. 

It can be enabled with password hash synchronization (PHS) meaning that a cloud password change is first written back (as a hash) to on-premises AD and then forwarded (as a hash of a hash) to the cloud. It can be enabled with pass-through authentication (PTA)meaning that a cloud password change need not be written to the cloud at all.

Find out more about pass-through authentication on our Microsoft Entra Connect Masterclass.

You will learn what It can do beyond its ‘out-of-the-box’ form as well as learn how to configure and maintain it.  The 3-day course includes lectures, demos, discussions, and hands-on labs.


Don’t have the time to attend a course?
Entra Connect Video TrainingLearn exactly what you need to know, when you need to know it, with our series of highly practical video training courses.





R driven provisioning solution for AD trainingLearn how to build an HR-driven provisioning solution for your Active Directory and Azure Active Directory with our practical video training.