Disable user's ability to change password (via cloud/portals)
We need to disable a user's ability to change their password. We need to manage password changes in our own application.
NOTE: I am not referring to password resets (which we can easily disable). Rather I'm talking about preventing users from changing their password via a Microsoft portal when they know their existing password.
We are looking for an equivalent of the (non Azure) AD powershell command Set-ADUser -CannotChangePassword.
Thanks for the feedback! We’re reviewing this request and will update as soon as we make a decision.
Hi folks! I apologies for the delay in response and I deeply appreciate your feedback. I understand how important this feature is for your and your users. We do not yet have plans to implement this feature, but please keep voting if this is important to you to help us prioritize appropriately.
I would like an update on this as well. seems like this is something that is really needed
Please share an update on this issue. Thank you.
Any update on this request?
W Shen commented
We have options like "password never expires" and "user cannot change password" in Active Directory. Why the same options cannot be implemented in AAD?
It's been three years since it was UNDER REVIEW. What now?
this is a really good idea. would really help with user management for companies with specific password rules. make this happen please!
Any update in this please?
these 2 articles may help in disabling SSPR for the Tenant
We are currently syncing users and passwords through a 3. party service, and need to disable password reset functionality on local azure ad accounts, since we are maintaning them in another catalog being 1 way synced to Azure AD.
The ability to disable users' ability to change passwords is very critical...now that everything is on the cloud...we face issues where an employee, when he/she leaves, can change the password, then go home and delete files and folders - leaving a complete disaster for us.
Admin should be able to disable any user's ability to change passwords...very critical...please make these changes....
So what was the decision after two years review?
we need the same capability
We need this for service accounts in AAD with complex password & password not expiring. If we can not prevent the "user" from changing his (known) password, he will change it to a trivial one.
Is there anything in place ?
Fredrik Carenborn commented
Hi, I vote for this aswell.
This feature is desirable in our IT environment also because we have built a separate password portal . The password feature in Office 365 complicate this for the end-users.
Hope for fast response
Noah de Wit commented
This is something a good number of customers ask about. Anything on the roadmap?