Microsoft Azure Active Directory Connect is a great tool to sync on-premises objects to the…
We like to give the users the option to reset their Microsoft 365/Office 365 password. The feature Azure AD Self-Service Password Reset is available for selected users or all the users. Configure Self-Service Password Reset (SSPR) for cloud-only tenant or hybrid deployments.
Table of contents
Before you start to implement Self-Service Password Reset (SSPR) for the users, it’s good to know where you need to enable SSPR:
- Cloud-only tenant: Enable SSPR in Azure AD.
- Hybrid deployment: Enable SSPR in Azure AD and enable password writeback in Azure AD Connect.
In the article, we will look at both the above options.
Microsoft did create excellent Self-Service Password Reset rollout materials that you can download, edit and send to the users.
Enable SSPR in Azure AD
To enable Self-Service Password Reset in Azure AD, you have to sign in to the Azure portal. Click on the menu button and click Azure Active Directory.
Click in the menu on Password reset.
Click in the menu on Properties. Click on All and Save.
We recommend you to enable Self-Service Password Reset for All users. It’s one of the recommendations from the Microsoft Secure Score.
If you have a cloud-only tenant, you’re all set. The users can register for Self-Service Password Reset from the link https://aka.ms/ssprsetup. After it’s set up, they can use the link https://aka.ms/sspr to reset their password.
Do you have a hybrid deployment? Follow the next step.
Enable SSPR in Hybrid deployment
Make sure that you did enable Self-Service Password Reset in the previous step. It needs to be enabled in Azure AD before you proceed further and enable password writeback feature in Azure AD Connect.
Enable password writeback in Azure AD Connect
Sign in to the Azure AD Connect on-premises server. Start the application Azure AD Connect. On the setup wizard welcome screen, click on Configure.
Click Customize synchronization options. Click Next.
Enter your Azure AD global administrator credentials. Click Next.
Click a couple of times on Next to go through the wizard till you reach the Optional Features screen.
Check the checkbox Password writeback. Click Next.
The configuration did complete. Click Exit.
In the Azure portal, navigate to Azure AD password reset.
Click in the menu on On-premises integration. It shows that your on-premises writeback client is up and running.
In this article, we discussed how to enable Self-Service Password Reset. Enable SSPR in Azure Active Directory if you have a cloud-only tenant. Do you have a hybrid deployment? Enable SSPR in Azure Active Directory and enable password writeback in Azure AD Connect.
Help the service desk team and configure Self-Service Password Reset. They will get fewer phone calls with requests to reset the user password. Once the users call, they can redirect them to the SSPR URL. The users will reset their password, which will take less time and effort from the service desk.
Did you enjoy this article? You may also like . Don’t forget to follow us and share this article.