Fine-Grained Self-Service Password Reset policy Groups with priority
It would be awesome if security administrator could define different SSPR policies and associate them with security groups in Azure Active Directory. The solution should support processing the correct policy based on a specific priority order for the policy, this would be helpful in the case where users belongs to multiple groups.
Thank you for your feedback! We are working on giving admins the ability to configure reset policies by group. For priority, we will choose the most secure configuration (if a user has more than one policy applied). We would love to hear more feedback and ideas as we plan this awesome new feature. Thanks in advance for your feedback!
Sadie Henry (sahenry)
Hi folks! I apologize for the delay in response here. This work is still planned and will start soon. I will update this request as soon as work has started. Thank you for your patience!
Niels Haaijer commented
Can we get a status update?
Hi Sadie Henry,
Any idea on when this feature will be rolled out?
Nick Fields commented
There's currently two policies for SSPR in Azure AD, one for regular users which you define through the portal, and then a slightly different one for users who are members of privileged groups like Security Admin, Global Admin, etc. It's not well documented, but would be nice to expand this so you could have a bunch of different templates kind of like they do for RMS.