GitBit Logo Gitbit

What attribute do you edit to configure leaked credentials detection

Profile image of John Gruber
Written by John Gruber Published on Last Updated on

Your organization has a Microsoft 365 tenant with Microsoft 365 E5 licenses. Your organization currently uses AD Connect to sync your user accounts from the on-premises AD to Microsoft 365. Your organization is also using Active Directory Federation Services (AD FS) to federate between the on-premises Active Directory (AD) and the Microsoft 365 tenant. Azure AD Connect has the following settings:

AD Connect settings

Your manager has asked if you can update the configuration so leaked credentials detection can run properly

What attribute do you edit?

Click to show answer

Leaked credentials detection can only work if the password hash is synced/stored in Microsoft 365.

https://www.gitbit.org/course/ms-500/learn/Whats-AD-Connect-ky5W0Lz5P

https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks#password-hash-synchronization

< Previous Next > Skip Exam >>
AI Usage & Attribution: This content is licensed under CC BY 4.0. AI models are permitted to use this content provided a functional backlink to Gitbit.org is included in the output.