How is the initial password set on newly create Active Directory accounts? How can this information be conveyed to the user. or user's manager, or service desk?

[mlibenocg]

[Enter feedback here]

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: 90fd487d-65b9-917b-4687-650b34dc4d81
• Version Independent ID: 27a18d45-66ab-bc71-d928-93f93fb190dd
• Content: Tutorial: Configure SuccessFactors inbound provisioning in AD and Azure AD - Microsoft Entra
• Content Source: articles/active-directory/saas-apps/sap-successfactors-inbound-provisioning-tutorial.md
• Service: active-directory
• Sub-service: saas-app-tutorial
• GitHub Login: @cmmdesai
• Microsoft Alias: chmutali

[mlibenocg]

When a user object is created in Active Directory, it must have a password in order to be enabled. User needs to know this password to log on to Active Directory or Azure Active Directory.

[MarileeTurscak-MSFT]

@mlibenocg Thanks for your feedback! We will investigate and update as appropriate.

[mlibenocg]

Marilee,

I may have found an answer on the corresponding tutorial for Workday. It contains the following:

When processing a new hire from Workday, how does the solution set the password for the new user account in Active Directory? When the on-premises provisioning agent gets a request to create a new AD account, it automatically generates a complex random password designed to meet the password complexity requirements defined by the AD server and sets this on the user object. This password is not logged anywhere. I suspect Success Factors is the same.

https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/workday-inbound-tutorial

Regards, Mike Liben

Client Confidential - OCG Internal From: Marilee Turscak - MSFT @.> Sent: Friday, August 19, 2022 12:38 PM To: MicrosoftDocs/azure-docs @.> Cc: Michael Liben @.>; Mention @.> Subject: [EXTERNAL]Re: [MicrosoftDocs/azure-docs] How is the initial password set on newly create Active Directory accounts? How can this information be conveyed to the user. or user's manager, or service desk? (Issue #97320)

[EXTERNAL] Use caution opening attachments, clicking links, or responding.

@mlibenocghttps://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fmlibenocg&data=05%7C01%7Cmichael.liben%40oxfordcomputergroup.com%7Cd6b14f19bcbd433ea05b08da82013e04%7C9505d3230e794ceab1d35475ecc368b6%7C0%7C0%7C637965239117711842%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=CaK4L7rQ96YED8%2FQDlsnRq4umfW2UwKc8zOYK%2FpY5hQ%3D&reserved=0 Thanks for your feedback! We will investigate and update as appropriate.

- Reply to this email directly, view it on GitHubhttps://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Fazure-docs%2Fissues%2F97320%23issuecomment-1220876575&data=05%7C01%7Cmichael.liben%40oxfordcomputergroup.com%7Cd6b14f19bcbd433ea05b08da82013e04%7C9505d3230e794ceab1d35475ecc368b6%7C0%7C0%7C637965239117711842%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=FKP80d7P6YcBGLvaGjipkDxUSAxWIH3CMCqoQX1zvEY%3D&reserved=0, or unsubscribehttps://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAO3KH6VSXC5M2VB5UQFGC5LVZ62AFANCNFSM57AQLJIA&data=05%7C01%7Cmichael.liben%40oxfordcomputergroup.com%7Cd6b14f19bcbd433ea05b08da82013e04%7C9505d3230e794ceab1d35475ecc368b6%7C0%7C0%7C637965239117711842%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=psDW6I5RvGYq1toT9FiG%2BovSK2uzjIvBbV0z%2FZuVYbE%3D&reserved=0. You are receiving this because you were mentioned.Message ID: @.**@.>>

DISCLAIMER: The information contained in this message may be confidential and/or subject to legal privilege and is for the use of the intended recipient(s) only. Any unauthorized use, dissemination or copying of the information in this message is strictly prohibited. If you have received this message in error, please notify the sender immediately and delete this message.

[AjayBathini-MSFT]

@mlibenocg we reviewed your statement and came to the point

When the on-premises provisioning agent gets a request to create a new AD account, if you go with "Auto-generated password" it automatically generates a complex random password designed to meet the password complexity requirements defined by the AD server and sets this on the user object. This password is not logged anywhere. If you go for option "Let me create the password" then following steps to be followed as mentioned below screenshot while creating the new password.

[mlibenocg]

Thanks for update Ajay. The pop-up containing the password format guidance is obscuring the screen underneath. Am I correct in assuming the initial password set is the same for all users? Is there any provision-current or planned--for establishing the initial password with a formula that can leverage some attributes contained in HR attributes? For example, a common initial password formula may include portions of a person's first or last name and perhaps a portion of their birth date or national identifier.

[omondiatieno]

mlibenocg, we closing this issue and tracking the updates internally. Thank you for contributing to our docs.

please-close