How can we improve Azure Active Directory?

Enable Self Service Password Reset from Windows 10 Sign In Screen

Azure AD self service password reset works great. The issue being if a user cannot log on they haven't a browser to access the portal easily.

Can the reset portal be integrated with a "Forgotten my password" link on the Sign In screen. Azure AD join integrates with web based services such as MFA so it hopefully the foundations are there.

207 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Marcus Robinson shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    45 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Ahmad Habib commented  ·   ·  Flag as inappropriate

        Hello,

        Thank you for this functionnality which is very important to us (100k users).

        I run into a weird behavior, just wanted your output on this please.

        When resetting password outside the enterprise network, the SSPR process will end successfully but the user will not be able to login into the laptop's session with the new password set.

        So at this point the user is able to reset it's password but not able to login with this new one.

        Is there something we missed ?

        Regards,
        Ahmad

      • Anonymous commented  ·   ·  Flag as inappropriate

        Is this supported when used in conjunction with 802.1x secured networks when using SSO credentials and and the "Perform immediately before User Logon" option in the Windows supplicant? How is access to the network granted to perform the password reset functionality?

      • Matthew commented  ·   ·  Flag as inappropriate

        Is this supported on Windows 10 LTSB (1607) with hybrid Azure AD joined computers?

        It doesn't seem to work out of the box, is there an update that can be applied to enable it for example?

      • Anonymous commented  ·   ·  Flag as inappropriate

        That would be great if Redstone 4 allows hybrid Azure AD joined computers to do this. I've been waiting on this for a while and will be able to eliminate a 3rd party tool when this happens.

      • Steve Whitcher commented  ·   ·  Flag as inappropriate

        Sadie - Is the process the same to enable this on hybrid joined computers running RS4?
        Or is there documentation on what is required for that scenario?

      • Anonymous commented  ·   ·  Flag as inappropriate

        Is RS4 going to include Hybrid AAD joined SSPR functionality at the lock screen? It's insane that MSFT hasn't put this functionality in yet! It is literally a webpage embedded in the GINA file, why the **** is Azure Joining even a requirement at that point?

      • Anonymous commented  ·   ·  Flag as inappropriate

        Any updates on Hybrid AAD joined devices being able to leverage this functionality?

      • Anonymous commented  ·   ·  Flag as inappropriate

        Very much needed for our students !!!!
        Our school computers are NOT AADJ only AD joined !!

      • Glenn Jefferson commented  ·   ·  Flag as inappropriate

        This will be great if/when it can support Windows 10 domain joined machines and also Win 7/8 domain joined machines too!

      • John F commented  ·   ·  Flag as inappropriate

        It is an option with 1709 but only with Azure AD Joined devices. Not hybrid or traditional AD joined. Just need to enable a couple reg keys or an Intune policy to do it and the option will appear.

      • Abdul Khan commented  ·   ·  Flag as inappropriate

        This is a very needed solution. The 3rd party versions are ****. MIM has its sspr that doesn't sync with azure sspr. So it is no point for an organization to instruct its users to register with azure sspr and then again with mim sspr. You don't have two solutions for the same issue! Please implement this as we are still waiting. Large organizations could really use this.

      • Steve Whitcher commented  ·   ·  Flag as inappropriate

        I believe this was supposed to be included in Windows 10 v1709, but looking at the "what's new" page I see that it only lists the ability to reset a Microsoft Account password from the lock screen, not an AzureAD account password. I wonder if it was delayed?

      • Bart De Vos commented  ·   ·  Flag as inappropriate

        Hi!

        Any update on this. 2 years have passed. Would be a very nice feature for us, installing FIM onprem seems overkill for this).

        Thanks!

      ← Previous 1 3

      Feedback and Knowledge Base