Pasword self service reset in Azure

Hi Experts

My client is currently running a hybrid organization Azure- OnPrem , and they are interconnected via Express Route.

They want to setup self-service password reset, and the process is pretty straightforward, however we need to present the client, how Azure password reset works, and all steps involved, either in a power point presentation or Visio.

I am engaging you, to answer following questions.

Define the process of self service password reset In Azure? I meant, when since the user go to browser, and enter  https://passwordreset.microsoftonline.com

How many steps are involved from a user prospective and in background? Please, elaborate each answer

What is the flow of changing password from  https://passwordreset.microsoftonline.com ?

I am not looking for articles in how to setup password write back in Azure, and define the security questions or authentication methods. Please, provide as much details as you can, and not a simple copy paste from Azure docs

Thanks in advance
Jerry SeinfieldAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
once you set it up the number of steps vary according to your setup. The basics start once the user has entered their account name and solved the captcha. Then the site checks to ensure that the users account is setup for password reset, if not the user has the option of contacting the administrator the admin will receive an email not enabled. If enabled then the # of steps depend upon your settings. Try it and set things up, adjust as desired
0
Jerry SeinfieldAuthor Commented:
Thanks David,

Can you please provide all additional steps as per your experience?
0
MaheshArchitectCommented:
The process is easy if you already have opened required network ports and URLs from client and Azure AD Connect server
If not 1st do that, ensure from AD connect server full and direct internet access is allowed along with name resolution, else scenario would not work as expected

from user perspective only 4 steps are involved

1 go to password reset URL (either by forget password link on Azure / O365 or directly heating password reset URL)
2 Register or verify for SSPR - this is one time task (if you enter user auth phone info through AD connect, user still need to verify his number once
3 Azure will verify user identity by sending OTP / Call / asking security question depending upon set options
4 Once verified, azure will present reset option to user and user would be able to reset his AD password

The below link contains PPT you looking for
video.ch9.ms/sessions/teched/eu/2014/CDP-B312.pptx

If you are interested in actual back end flow, I am not able to get the article now, its missing
you don't have to publish any server on internet for this scenario to work
The all steps are mentioned below
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-passwords-getting-started

Apart from above you have to have Azure AD premium license assigned to user for SSPR to work

Mahesh.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Webinar: What were the top threats in Q2 2018?

Every quarter, the WatchGuard Threat Lab releases an Internet Security Report that describes and analyzes the top threat trends impacting companies around the world. Are you ready to learn more about the top threats of Q2 2018? Register for our Sept. 26th webinar to learn more!

Jerry SeinfieldAuthor Commented:
thanks Mahes,

the link video.ch9.ms/sessions/teched/eu/2014/CDP-B312.pptx is broken

By Any chances, can you please upload the PPT file to this post?
0
MaheshArchitectCommented:
The link is working and am still able to download PPT

Check from your end if any issue with IE, download is not blocked etc, else download it from Google Chrome browser
0
David Johnson, CD, MVPOwnerCommented:
Here is the link again and it works on all browsers that I've tried
PowerPoint http://video.ch9.ms/sessions/teched/eu/2014/CDP-B312.pptx 
Video https://channel9.msdn.com/Events/TechEd/Europe/2014/CDP-B312
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Azure

From novice to tech pro — start learning today.