How can we improve Azure Active Directory?

Fine-Grained Self-Service Password Reset policy Groups with priority

It would be awesome if security administrator could define different SSPR policies and associate them with security groups in Azure Active Directory. The solution should support processing the correct policy based on a specific priority order for the policy, this would be helpful in the case where users belongs to multiple groups.

20 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Peter Selch Dahl shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    planned  ·  AdminAzure AD Team (Admin, Microsoft Azure) responded  · 

    Thank you for your feedback! We are working on giving admins the ability to configure reset policies by group. For priority, we will choose the most secure configuration (if a user has more than one policy applied). We would love to hear more feedback and ideas as we plan this awesome new feature. Thanks in advance for your feedback!

    Sadie Henry (sahenry)

    4 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Nick Fields commented  ·   ·  Flag as inappropriate

        There's currently two policies for SSPR in Azure AD, one for regular users which you define through the portal, and then a slightly different one for users who are members of privileged groups like Security Admin, Global Admin, etc. It's not well documented, but would be nice to expand this so you could have a bunch of different templates kind of like they do for RMS.

      Feedback and Knowledge Base