Entra ID Connect Authentication Pass-Through with Microsoft Defender for Identity
I was reviewing options today in regard to Entra ID Connect; currently we use Password Hash Synchronization. However, after review, Pass-through authentication sounds like it would be a better overall user experience, but the poor documentation and even worse document linking leave questions unanswered.
One area states that PTA can't detect or nullifies Entra ID's ability to alert on users with leaked credentials and doesn't work with Entra ID Connect Health -- which sounds as if identity protections and other insights into the health of your tenant's identity infrastructure take a big hit, not ideal at all.
I would like to assume that with the implementation of Microsoft Defender for Identity AKA MDI, whatever protections or insights that were otherwise lost with PTA turned on, MDI compensates for and improves/delivers better overall protections with the sensors being installed on the DC(s) etc. -- but there isn't a single shred of info that tells the customer that and it is maddening. They don't even bother stating "if you use PTA, it would be in your best interest to use MDI or other Identity Protection Platform".