Enable users to unlock their account: SSPR in EntraID 

EntraID allows allows an organization to setup self-service password reset (SSPR), allowing users to change or reset their password with no administrator or help desk involvement.  

A new employee has joined your organization.    

Task 1: Create a user AZ500User1 who has joined your organization as an employee.  

Task 2: Create a group for the users who have joined the organization. Name the group AZ500Group1. 

Task 3: Enable SSPR for AZ500Group1 of Azure AD users. 

   

From EntraID>Password reset> select the group and click save 

Task 4: Set up authentication methods and registration options for AZ500Group1.   

Before setting up authentication methods and registration options for the group you must enable chosen authentication options from “Auth Methods” due to recent updates to EntraID:

 

Next from EntraID>Password Reset>Authentication Methods select authentication methods to enable and configure:

Task 5: Set up notifications and customizations for AZ500Group1.  

From the Home><tenant>>Password Reset Manage blade select your required settings for Notifications and Customization.

Task 6: Test the SSPR process as a user, i.e., AZ500User2, who is a member of AZ500Group1.   

Task 7: Delete the resources you have created as part of this exercise. You can delete resources individually or the entire resource group containing the resources. Take care when deleting resource groups, as all resources in the resource group will also be deleted.