2 months ago how did change from ADFS to PTA?
We do not sync the password hash with Azure, so the only source of authentication is our local Active Directory.
Previously with ADFS and now with PTA agents for our local AD.
Now we have found that an expired account can log in regarding its expiration !?
I knew about the fact that the useraccountcontrol attribute is not synchronized with azureadconnect. Therefore, this problem is normal if we use the azuread account with a synced password hash, but the PTA should match the user's local account balance with ADFS! His.
I can not find any additional information about this problem (especially in connection with PTA). Therefore, I need to know if this is an error or a function. 😉