Yes, using a Azure AD Connect feature called “Password Writeback.”
The Longer Answer
The Microsoft Azure AD Connect sync tool supports a feature called Password Writeback that requires password changes made in the cloud to be evaluated against your on-premise Active Directory. Password Firewall for Windows operates as an extension to the built-in password policy engine in Windows. This means that whenever a password is changed in the cloud (or on-premise), Password Firewall will scrutinize the password choice against all configured blacklists, including your own custom blacklist if you use that feature.
The Password Writeback operation happens in real-time, so if a blacklisted password is chosen, the user receives a standard message prompt in the cloud portal reporting that their password choice did not meet the organization’s password policy. If the end-user wishes to change their password, then they are required to make a new password choice.
You can read about the Password Writeback feature here:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-writeback
The Final Answer
Password Firewall for Windows prevents use of bad passwords and is a great way to protect your Office 365-enabled organization.
