| read | | #Azure,

Self Service Password Reset – Azure AD Premium

n today’s world, user doesn’t want to consider any down time due to any IT constraints and to minimize that constraints Self-Service comes into picture. Self-service has long been a key goal for IT departments across the world as a minimize downtime, cost-reduction and labor-saving measure. Indeed, the market is flooded with various products such as Microsoft System Center Orchestrator that can let you manage your  groups, passwords, or user profiles. Azure Active Directory (Azure AD) sets itself apart from other offerings by providing some of the easiest to use and most powerful self-service capabilities available today. This post will be focused around how to automate password reset using Self-Service Password Reset on Azure new portal(Resource Manager) in case of end-user forgot the password so  end-user will get minimum down time.

Azure AD Password Management is a set of capabilities that allow your users to manage any password from any device, at any time, from any location, while remaining in compliance with the security policies you define.

If an organization is already using Office365 then the organization’s identities(users) are already synced in cloud or in hybrid scenario but still you need to upgrade from Free Azure AD to Azure AD Premium to leverage this features.

Let’s dig on.

  1. Open a browser of your choice and go to the Azure portal. Login with your credentials and click on Azure Active Directory.4.0
  2. Here, Azure AD edition is Free so first need to activate Premium edition. Click on Password Reset->Get a free Premium trial to use this features.



3. Select Azure AD Premium.



4. Click on Activate.


5. Click on Password reset->Configure.


6. If you don’t want to enable SSRP for all the users then you can create a group and assign members. Here, SSRP group name is AAD Premium Group and members are UserOneUserTwo and Sakaldeep.



7. Click on Enable button to enable Azure AD Premium features for selected groups of users.


8. After enabling SSPR, now need to configure password reset policy such as authentication method, user registration, end-user and admin notification. Here both email and mobile phone has selected for end user authentication method while resetting password.



9. Below policy is required if you want end user should go through registration process to provide current mobile number and email address before resetting the password. Here, registration is required.


10. Below policy will send email notification to both end user and admin after every password reset.



11.  Now we are done with admin level configuration. First need to register user to the registration portal. In order to use the password reset registration portal, you must provide the users in your organization with a link to this page (http://aka.ms/ssprsetup) or turn on the option to require users to register automatically. Once they click this link, they are asked to sign in with their organizational account. After doing so, they see the following page.


12. Here, users can provide and verify their mobile number, alternate email address, or security questions.


13.Enter your valid mobile number and verify it.



14. Now verify your alternate email address.



15. After verifying both mobile number and email address, page will looks like below.


16. Registration has done, now lets reset password using self service portal at portal.microsoftonline.com.


17. Click on Can’t access your account?



18. Enter the user ID and security verification code and click on Next button.


19.Choose verification method, here I am choosing alternate email.4.17


20. You will receive an email having the verification code.


21. Verify your email using the code received in email.



22. Once your email will be verified, you will be prompt to reset the password for the account.4.20

23. Finally your password has reset.


24. After the successful password reset, end user and admin will receive the email as shown below.



25. Admin can also see the log of all password reset activities as shown below.


In same manner you can also reset password using your registered mobile number.