Password writeback succeeds but users cannot unlock accounts

Scenario

Users can reset passwords through self-service, but on-premises account unlock or sign-in does not behave as expected afterward.

Recommended Resolution Path

1. Confirm the hybrid identity configuration includes the required writeback and account unlock settings.
2. Review sync timing and whether the account is unlocking in the right directory.
3. Test with one known account while watching directory sync logs to avoid broad guesswork.
4. Document whether the issue affects password reset only, account unlock only, or both.

Technician Notes

Document what changed, what confirmed the fix, and whether the issue points to a broader standards gap worth addressing for the client.