Enable Self-service password reset in a Azure Active Directory

Enable Self-service password reset in a Azure Active Directory

Enable Users to Reset Passwords using Azure Active Directory

Password reset tickets constitute a major chunk of the help desk ticket pile. Allowing users to reset their own passwords is a sure way of boosting productivity. Microsoft Azure Active Directory (AD) includes a self-service password reset (SSPR) feature that lets end users reset their Azure AD password without having to seek help desk assistance. With enterprises synchronizing their on-premises AD with Azure AD, SSPR has become an indispensable tool for hybrid AD environments as well.

Administrators can deploy SSPR in Azure AD by enabling SSPR from their Azure AD tenant, and then selecting the group and specifying the authentication methods available to the users in the group. See Figure 1.
Figure 1. Configuring SSPR in Azure AD.

Once SSPR is enabled, users can access the Azure portal through a web browser and easily reset their Azure AD password. See Figures 2a and 2b.


Figure 2a. Logging in to Azure AD through the Azure portal.



Figure 2b. SSPR through the Azure portal.

But what about an end user in a hybrid environment who has their computer joined to the on-premises AD domain? That user could use another device, a phone, or a coworker’s computer to reset their password through the Azure portal. However, that may not be the option most users would want to go for.

    • Related Articles

    • Delegate Password Reset Permissions in Active Directory

      Delegating Permissions to Reset User Account Passwords Delegation can help administrators save ample time and help them concentrate on more tedious tasks at hand. This is no different when it comes to delegating password resetting capability. ...

    • 2FA for Azure AD Apps: How to Enable using Conditional Access Policies

      Configuring Two Factor Authentication for Cloud Apps in Azure AD In an earlier post, we discussed in depth about how single sign-on (SSO) for cloud apps in hybrid Active Directory works and the various methods of implementing it. However, SSO alone ...

    • Enable Active Directory Recycle Bin | PowerShell

      What is Active Directory Recycle Bin? While using Active Directory (AD), administrators tend to accidentally delete objects such as users, computers, groups or organizational units (OUs). This may cause complications in the network functionality and ...

    • How to Sync On-premises Active Directory with Azure Active Directory

      Synchronizing users and groups from On-premises Active Directory to Azure Active Directory Azure Active Directory is a multi-tenant, cloud-based directory and identity management service provided by Microsoft. It offers identity and access ...

    • Find Locked out Service accounts in Active Directory

      We all have services running on our servers. Many of these services require Active Directory user accounts, which are ​referred to as service accounts. These service accounts are essential, as they allow ​services to perform their duties. However, ...