In a world where people are living more lives than ever, the need to control and regulate yourself has never been greater. Self-regulation is about accepting responsibility for your actions in order to keep society running smoothly. To achieve self-regulation you must understand what motivates you – this requires a lot of introspection and sometimes even therapy or medication.
The “how to accept yourself when others don’t” is a question that has been asked many times. It’s not always easy to be accepted for who you are, but it’s important to keep trying.
Is your staff being inundated with requests to change passwords? Let’s face it, people have a tendency to forget their passwords or themselves locked out from time to time.
If you’re an IT specialist who’s having trouble resetting passwords in Active Directory, check out Specops’ uReset tool.
Having to go through a case management procedure to change their passwords may rapidly become inconvenient and frustrating. Most password reset requests are classified as low priority and might take days to complete unless the user is a VIP.
Implementing the self-service password reset in Office 365 or SSPR helps alleviate these worries. Users may be given the ability to change their passwords on their own accounts using SSPR. Implementing SSPR might enhance the user experience and reduce the amount of requests for password resets.
You’ll discover how to activate, setup, and test the self-service password reset service in this article. You’ll learn how to use SSPR in both cloud-only and hybrid environments.
Prerequisites
This is a tutorial, so if you want to follow along, make sure you have the necessary prerequisites.
- A functional Azure Active Directory or Microsoft 365 tenant. You may obtain a trial account if you don’t already have one.
- A user account for the role of Global Administrator. The setup and administration of SSPR will be done using this account.
- A cloud-only account for non-administrators. This account will be used to evaluate the SSPR interface. CloudUser, a cloud-only account, will be utilized in this article.
- [OPTIONAL] Windows Active Directory on-premises with Azure AD Connect installed and configured for synchronization. This is an optional setting that is only required if you want to use Windows Active Directory for password writeback.
- A non-administrator account in Windows Active Directory that is synchronised with Azure Active Directory. The On-Premises user account *HybridUser ***** will be utilized in this article.
- The non-administrator account is a member of this group. To allow SSPR, this group will be utilized as the target. In this article, SSPR will be set to exclusively target members of the SSPR-Users group.
- A separate license or subscription may be necessary depending on how the SSPR capabilities will be used. Please see the graphic below for a list of features and licenses that are necessary.
Knowing the State Options for Self-Service Password Reset
The procedure for enabling SSPR is quite simple. Enabling, on the other hand, is not the same as carefully implementing.
When deploying new features, one of the major worries is how consumers will be affected. It’s a good thing SSPR may be configured to exclusively target members of a certain group. This helps keep the potential effect to a bare minimum, particularly when SSPR is implemented in batches.
SSPR exists in three states. Each state denotes how SSPR is used (or not used) by users.
- None – SSPR is deactivated for all users in your tenancy in this state.
Even if the SSPR status is set to None, SSPR is always enabled for administrators. To reset their own passwords using SSPR, administrators must utilize two authentication methods.
- Selected – SSPR is only applied to a certain set of people in this state. When executing a phased rollout, this is beneficial. You may batch add people to a target group using this state. This is the SSPR state we’ll be talking about in this post.
When you choose the Selected state in SSPR, you can only have one group as a target at a time. Nested groupings, on the other hand, are permitted.
- Everyone – By enabling SSPR in this state, SSPR will be applied to all users in your tenancy.
SSPR Enablement for Cloud-Only Setup Organizations
Enabling SSPR is as simple as turning a switch to turn it on and applying the most minimal configuration for cloud-only enterprises. The steps outlined below will show you how to do this.
To begin, go to the Azure Active Directory blade in the Microsoft Azure portal using your global administrator account.
Select the Azure Active Directory blade from the drop-down menu.
Locate and click Password Reset in the Manage section of the Azure Active Directory page.
To reset your password, go to Password Reset.
Under the Manage section of the Password reset blade, select the Properties menu blade. The current condition of the SSPR will then be shown to you. The current SSPR status is None, as seen in the picture below, which signifies that SSPR is presently disabled for all end users.
SSPR has been disabled.
After that, set the SSPR’s status to Selected. The target security group, whose members will be enabled for SSPR, must then be specified. The name of the group chosen in SSPR-Users in this case. After selecting the target group, click the Select button.
Selecting an SSPR target group
The chosen group SSPR-Users has been selected, as seen in the graphic below. Finally, click Save to turn on SSPR.
Make a note of the SSPR status change and save it.
SSPR Enablement for Hybrid Setup Organizations
You learnt how to activate SSPR in the previous section, which pertains to a specific set of cloud-only users. You’ll learn what to do if your organization’s users are synchronized from on-premises Active Directory to Azure AD via Azure AD Connect in this section.
The password that was reset must be written back to the on-premises AD since hybrid user accounts are formed in the on-premises AD. In order to do so, the Password writeback capability in Azure AD Connect must be activated.
Using Azure AD Connect to Password writeback should be enabled.
You must have access to the server where Azure AD Connect is installed in order to activate the Password writeback capability. To Password writeback should be enabled., follow these procedures.
Then click Configure in the Azure AD Connect setup application.
Configure Azure Active Directory Connect
Select Customize synchronization settings from the Additional tasks menu. Next should be selected.
Choose Customize synchronization settings from the drop-down menu.
Enter your global administrator account credentials on the Connect to Azure Active Directory page. Next should be selected.
Connect to Azure Active Directory
Continue on to the Optional Features page by clicking through the next pages. Check the Password writeback box and then click Next.
Password writeback should be enabled.
After that, click Configure on the Setup is complete. screen. Then sit back and wait for the setup procedure to finish.
Setup is complete.
The setup should display the same status as the picture below, indicating that it was successful. Exit should be selected.
Completed configuration
Configuring Password Reset Options for Self-Service
You’ve learnt how to activate SSPR with default parameters so far in this post. SSPR is already functioning with the default parameters.
More choices, on the other hand, may be adjusted and tweaked, which may help you better regulate SSPR to meet your organization’s needs. Authentication methods, registration, alerts, a support contact link or email, and on-premises AD integration are among the possibilities available.
Options for Registration Configuration
Users must first register their authentication details before they may utilize SSPR. There are two configuration choices in the Registration menu blade, as seen in the picture below.
Configuration of the SSPR Registration
The two alternatives are, as seen in the figure above:
- Is it necessary for people to register before they may log in? – This setting determines whether or not users are required to register their login credentials the next time they log in. If this option is set to No, administrators must teach users how to manually register their self-service password reset information. This option is set to Yes by default.
- Number of days until users are prompted to re-confirm their login credentials – When users must update or verify their SSPR authentication information, this value indicates when they must do so. The value for this parameter is 180 days by default.
The default settings will be utilized in this article.
Authentication Methods Configuration
SSPR will demand users to authenticate their identity when they want to change their own password. SSPR may be set up to need up to two different authentication methods.
Methods of SSPR Authentication
There are two options, as seen in the figure above:
- Number of authentication methods necessary to reset – This sets how many authentication methods users must use to reset their own passwords. This option’s default value is 1.
- Users’ methods of choice – This displays a list of various authentication methods that users may use to reset their account passwords. The Microsoft Authenticator app (code and notification), email, SMS, office phone, and security questions are all options.
The default settings will be utilized in this article.
Setting Up Notifications
Users and administrators should be alerted via email whenever a password reset process is done on their accounts.
When users are contacted, they are given the opportunity to confirm that the password reset was done by them.
Notifications from the SSPR
You may Notify users on password resets and Notify all administrators when other admins reset their passwords, as seen in the picture above.
The default settings will be utilized in this article.
Configuring Contact Information for Support
Customize the support contact information for SSPR, which is another option. Users may contact your helpdesk or administrators using this setting.
The default value for 1) Customize helpdesk link is No, as shown below. If you choose Yes, you will be able to provide a 2) Custom helpdesk email or URL.
Customization of Support Contacts
The default settings will be utilized in this article.
On-Premises Integration Configuration
The availability of the on-premises writeback client is shown in the On-Premises integration menu blade. You’ll be able to check whether the password writeback function is operational.
On-Premises Integration Configuration
You have the choice, as seen in the picture above, to:
- The password writeback option for the on-premises directory may be turned on or off.
- Turn on or off the option for users to get access to their locked-out accounts without changing their passwords.
The default settings will be utilized in this article.
User Experience with Self-Service Password Reset
You’ve learnt how to activate self-service password reset in Office 365 and the many configuration choices accessible so far in this post. You may test and familiarize yourself with the self-service password reset user experience in this area.
Resetting Authentication Information by Registering the Self-Service Password
Users are immediately requested to register their authentication details once SSPR is enabled by default. Users may also go to the SSPR registration site on their own (https://aka.ms/ssprsetup).
As an example, when the user CloudUser checks in to the Office 365 site, see the video below.
Customization of Support Contacts
As you can see in the example above, the user was prompted to register their login details after successfully checking in to the Office 365 site. Because the SSPR registration just needs one way of authentication, registering a phone number was sufficient.
Resetting Your Password
If the user has enrolled for self-service password reset and needs to change their account password, they should go to https://aka.ms/sspr.
A self-service password reset is seen in the video below.
Resetting Your Password
The password might be updated once the user was able to authenticate via SMS code, as seen in the example above.
The user receives a password reset notice as part of the self-service password reset procedure, as seen in the figure below.
Email notice from the SSPR
If you’re an IT specialist who’s having trouble resetting passwords in Active Directory, check out Specops’ uReset tool.
Summary
Self-service password reset (SSPR) in Office 365 is a quick and safe solution for users and administrators to change their passwords on their own.
When users have the option of changing their passwords, the lengthy wait time for resolution is removed, and productivity is maximized.
You learnt how to activate self-service password reset and apply it to a specified group in this post. You’ve also learnt about the many configuration choices available to give you greater control over how SSPR operates in your company.
You’ve also learnt how the self-service password reset user experience, including the registration procedure and email notification, works step by step.
More customizations, such as setting up rules and banning passwords, may be combined with SSPR beyond what is presented in this article. Now that you know what SSPR is, you should feel more secure about implementing it for your Office 365 tenancy.
Additional Reading
“How to accept yourself for the way you look” is a blog post that discusses how to allow self. Reference: how to accept yourself for the way you look.
Frequently Asked Questions
How do you enable self enrollment?
A: To enable self enrollment, you must first click the Settings button in your game’s options menu. From there, scroll down to find the option for “Self Enrollment Enabled. Clicking this will change a slider from grayed out and unavailable to green and available.
What is self enrollment?
A: Self-enrollment is a process where you go through your health insurance provider’s website and choose the plan that fits your needs.
How do I enroll myself in Moodle?
A: Please visit your schools Moodle website, log in with your account information and click on the Enroll button.
Related Tags
- how to accept yourself physically
- self enrollment moodle
- how to accept yourself and be happy
- accept yourself the way you are
- self-enroll canvas
