This article is for office365 paid subscriptions managed by account administrator. Enabling your users to manage their own cloud Azure Active Directory passwords takes just a few simple steps. After ensuring that you've met a few simple prerequisites, you'll have password change and reset enabled for your entire organization before you know it. This article will walk you through the following concept.
Active directory on premise required extra steps.
Step 1. First login portal.office.com
Step 2. Next click on link for the Azure AD portal
Note: You may need to active your subscription if not already done.
In the Azure Management Portal, find the Active Directory extension on the navigation bar on the left hand side.
Step 3. Under the Directory tab, click the directory in which you want to configure the user password reset policy,
Step 4. Click the Configure tab.
Step 5. Under the Configure tab, scroll down to the user password reset policy section. This is where you configure every aspect of user password reset policy for a given directory.
Note:
This policy applies only to end users in your organization, not administrators. For security reasons, Microsoft controls the password reset policy for administrators. If you do not see this section, make sure that you have signed up for the Azure Active Directory Premium or Basic and assigned a license to the administrator account that is configuring this feature.
To configure the user password reset policy, slide the users enabled for password reset toggle to the yes setting. This reveals several more controls which enable you to configure how this feature works in your directory. Feel free to customize password reset as you see fit. If you’d like to learn more about what each of the password reset policy controls does, please see Customize:
Azure AD Password Management.
Step 6.After configuring user password reset policy as desired for your tenant, click the Save button at the bottom of the screen.
Note:
A two challenge user password reset policy is recommended so that you can see how the functionality works in the most complex case.
Step 7. Set Number of Authentication Methods Required. To 2
Step 8. Make sure to click the save at the bottom.
Step 9. Now we now need to go back to the office 365 portal and add the users that are allowed to the
SSPRSecurityGroupUsers
Now when a user logins into office 365 it should request that the user enter a phone number and email address and then they will need to be verified.
Follow the steps for verification. Make sure that you have your phone and email address handy.
Steven Jarvie
Jarvie Computing
www.jarviecomputing.com.au
www.jarvieit.com.au