Home Cloud M365 MD101 – Configuring AzureAD SSPR

MD101 – Configuring AzureAD SSPR

109
0
Reading Time: 3 minutes

So the date gets nearer for the Official Day (Saturday 3rd April @ 10:30). While studying for the exam, One of the questions I got was around AzureAD – Self Service Password Reset. So for those who may be new to the concept of SSPR (Self Service Password Reset), this is an expert from the docs.microsoft article.

Firstly, lets cover what is required for AzureAD Self Service Password Reset, and the types it can be used for.

Scenario One – Pure AzureAD – All Users and Device are AzureAD Joined and Managed with Intune.

Scenario Two – Hybrid On-premise/AzureAD – Users accounts use AzureAD Sync Service to AzureAD for Office365 Features.

That said, for either of these scenarios, for SSPR to work you require an Azure AD Premium P1 license as a minimum. This can be acquired by having the followings licenses:

> Enterprise and Mobility E3
> Microsoft 365 Business Premium
> Azure Active Directory Premium P1

Enable Self Service Password Reset

From the Azure AD Portal (https://aad.portal.azure.com), Select Azure Active Directory.

From the left-hand navigation window, Select Password Reset. Here you have an option to enable it globally or for specific users based on AzureAD Groups. For more information on AzureAD Password Policy, check this: [Link].

From the authentication method page, you can configure the options for reset.

Initial Sign-in

When Users first sign in after the policy has been configured that will be prompted to configure the two types of authentication for password recovery, For this example I’ve setup Phone and Email.

Next, Add an external email address.

This will the send you an authentication email with a 6 digit code.

Confirm Mobile Authentication, with the same steps. This will send a secondary code to your phone to confirmation.

Now that our account has the recovery options configured, If a user should forget their password from the portal.office.com login screen they can now reset their own password. From the authentication screen select ‘Forgot my Password’.

Confirm, that you are a real person and not a robot.

Pick a recovery method

E

Enter your new password.

Password Updated, Your good to go!

LEAVE A REPLY

Please enter your comment!
Please enter your name here