You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/hybrid/how-to-connect-sso-faq.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -69,9 +69,9 @@ You can use both Azure AD Join and Seamless SSO on your tenant. These two featur
69
69
70
70
Yes, this scenario needs version 2.1 or later of the [workplace-join client](https://www.microsoft.com/download/details.aspx?id=53554).
71
71
72
-
**Q: How can I roll over the Kerberos decryption key of the `AZUREADSSOACC` computer account?**
72
+
**Q: How can I roll over the Kerberos decryption key of the `AZUREADSSO` computer account?**
73
73
74
-
It is important to frequently roll over the Kerberos decryption key of the `AZUREADSSOACC` computer account (which represents Azure AD) created in your on-premises AD forest.
74
+
It is important to frequently roll over the Kerberos decryption key of the `AZUREADSSO` computer account (which represents Azure AD) created in your on-premises AD forest.
75
75
76
76
>[!IMPORTANT]
77
77
>We highly recommend that you roll over the Kerberos decryption key at least every 30 days.
@@ -96,7 +96,7 @@ Follow these steps on the on-premises server where you are running Azure AD Conn
96
96
>[!NOTE]
97
97
>The domain administrator account used must not be a member of the Protected Users group. If so, the operation will fail.
98
98
99
-
2. Call `Update-AzureADSSOForest -OnPremCredentials $creds`. This command updates the Kerberos decryption key for the `AZUREADSSOACC` computer account in this specific AD forest and updates it in Azure AD.
99
+
2. Call `Update-AzureADSSOForest -OnPremCredentials $creds`. This command updates the Kerberos decryption key for the `AZUREADSSO` computer account in this specific AD forest and updates it in Azure AD.
100
100
3. Repeat the preceding steps for each AD forest that you’ve set up the feature on.
101
101
102
102
>[!IMPORTANT]
@@ -140,7 +140,7 @@ Follow these steps on the on-premises server where you are running Azure AD Conn
140
140
4. Run PowerShell as an Administrator. In PowerShell, call `New-AzureADSSOAuthenticationContext`. This command should give you a popup to enter your tenant's Global Administrator credentials.
141
141
5. Call `Get-AzureADSSOStatus | ConvertFrom-Json`. This command provides you the list of AD forests (look at the "Domains" list) on which this feature has been enabled.
142
142
143
-
**Step 3. Manually delete the `AZUREADSSOACCT` computer account from each AD forest that you see listed.**
143
+
**Step 3. Manually delete the `AZUREADSSO` computer account from each AD forest that you see listed.**
0 commit comments