In case you missed the official announcement on June 3, 2013, we have some great news for customers using the Windows Azure Active Directory Sync tool. You now have the option to leverage a new feature that synchronizes your on-premises passwords to your Office 365 accounts.


Password Hash Sync is a feature of the Windows Azure Active Directory Sync tool that synchronizes user passwords from your on-premises Active Directory to Windows Azure Active Directory (“Azure AD”). Once the passwords have synchronized, users in your organization can logon to their internal workstations or applications and their Azure Active Directory services (such as Office 365, InTune, CRM Online, etc.) using the same password. This is different than Single Sign-On (SSO) as there is no token sharing / exchange, this means that Windows Azure AD will be providing authentication and authorization of the user based on the synchronized account and password. That leads to the obvious question, what if you are already using a Single Sign-On solution such as AD FS? We’ll cover switching in our next post.


Where can I get the new Dirsync with Password sync bits?


You can grab the latest version of Dirsync here or it is available in the Office 365 portal under ‘users'  and then Dirsync.


What version of Dirsync has Dirsync with Password sync?


Dirsync with password hash sync is available in versions 1.0.6385.12 or newer.


How can I quickly tell if I have the right version downloaded?



When you download Directory Synchronization (dirsync.exe), the first way you can tell is by size. The file size is about 183+MB vs. the older version is 99MB.  The other way you can tell is by the icon. The application icon should be our new Windows logo with the for blue squares. The final way to confirm this is by hovering over the dirsync download and check the version with Dirsync with password hash sync or later is: 



 

 

To learn more about Password Hash Synchronization, see the following Microsoft sites…