The Self Service Reset Tool is a great feature from the Azure world. It’s easy to implement with just 3 easy steps and allows users to reset their passwords. I’ve implemented this for numerous clients and it reduces the amount of help desk tickets for lost passwords. When this option is enabled, the user will be required at next login to setup secondary authentication methods such as email and phone contact. The users are contacted via these secondary methods if a password reset is request to verify their identity. The link to give users to reset their passwords is (https://passwordreset.microsoftonline.com/) This is similar to MFA with azure. Below are the steps to enable SSPR:
Step 1 – Enable SSPR in the Azure Portal
Step 2 – The policy can be scoped to all users or each individual group
Step 3 – Select “Customize Synchronization options”
Step 4 – Log into the AAD connect server and enable password writeback. This allows Azure to writeback to the on-prem AD premises.
While the setup is pretty seamless, issues can always happen in IT. One particular issue occurred with the service account that is created with ADConnect is installed. This will be the subject of my next blog later this week!!!
Disclaimer
All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistance.