You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
title: 'Disable PTA when using Azure AD Connect "Do not configure" | Microsoft Docs'
3
-
description: This article describes how to disable PTA with the Azure AD Connect "do not configure" feature.
2
+
title: 'Disable pass-through authentication by using Azure AD Connect or PowerShell | Microsoft Docs'
3
+
description: This article describes how to disable pass-through authentication by using the Azure AD Connect Do Not Configure feature or by using PowerShell.
4
4
services: active-directory
5
5
author: billmath
6
6
manager: karenhoran
@@ -13,52 +13,47 @@ ms.author: billmath
13
13
ms.collection: M365-identity-device-management
14
14
---
15
15
16
-
# Disable PTA
16
+
# Disable pass-through authentication
17
17
18
-
To disable PTA, complete the steps that are described in [Disable PTA when using Azure AD Connect](#disable-pta-when-using-azure-ad-connect) and [Disable PTA in PowerShell](#disable-pta-in-powershell) in this article.
18
+
In this article, you learn how to disable pass-through authentication by using Azure Active Directory (Azure AD) Connect or PowerShell.
19
19
20
-
## Disable PTA when using Azure AD Connect
20
+
## Prerequisites
21
21
22
-
If you are using Pass-through Authentication with Azure AD Connect and you have it set to **"Do not configure"**, you can disable it.
22
+
Before you begin, ensure that you have the following:
23
23
24
-
>[!NOTE]
25
-
>If you have PHS already enabled then disabling PTA will result in the tenant fallback to PHS.
24
+
- A Windows machine with pass-through authentication agent version 1.5.1742.0 or later installed. Any earlier version might not have the requisite cmdlets for completing this operation.
26
25
27
-
Disabling PTA can be done using the following cmdlets.
26
+
If you don't already have an agent, you can install it by doing the following:
28
27
29
-
## Prerequisites
30
-
The following prerequisites are required:
31
-
- Any Windows machine that has the PTA agent installed.
32
-
- Agent must be at version 1.5.1742.0 or later.
33
-
- An Azure global administrator account in order to run the PowerShell cmdlets to disable PTA.
28
+
1. Go to the [Azure portal](https://portal.azure.com).
29
+
1. Download the latest Auth Agent.
30
+
1. Install the feature by running either of the following:
> If you're using the Azure Government cloud, pass in the ENVIRONMENTNAME parameter with the following value:
35
+
>
36
+
>| Environment Name | Cloud |
37
+
>| - | - |
38
+
>| AzureUSGovernment | US Gov |
34
39
35
-
>[!NOTE]
36
-
> If your agent is older then it may not have the cmdlets required to complete this operation. You can get a new agent from Azure Portal an install it on any Windows machine and provide admin credentials. (Installing the agent does not affect the PTA status in the cloud)
40
+
- An Azure global administrator account for running the PowerShell cmdlets.
41
+
42
+
## Use Azure AD Connect
37
43
38
-
> [!IMPORTANT]
39
-
> If you are using the Azure Government cloud then you will have to pass in the ENVIRONMENTNAME parameter with the following value.
40
-
>
41
-
>| Environment Name | Cloud |
42
-
>| - | - |
43
-
>| AzureUSGovernment | US Gov|
44
+
If you're using pass-through authentication with Azure AD Connect and you have it set to **Do not configure**, you can disable the setting.
44
45
46
+
>[!NOTE]
47
+
>If you already have password hash synchronization enabled, disabling pass-through authentication will result in a tenant fallback to password hash synchronization.
45
48
46
-
## Disable PTA in PowerShell
49
+
## Use PowerShell
47
50
48
-
From within a PowerShell session, use the following to disable PTA:
51
+
In a PowerShell session, run the following cmdlets:
0 commit comments