Deploying Azure SSPR to the Organization


  1. Make sure you have writeback configure on the Adconnect
  2. Make sure the adconnect AD account has appropriate rights to change password

Configure SSPR for the Org

Login into the Azure Portal, go to users, and click Password Reset

Go to Properties and select either a group or All for SSPR

Authentication Methods select what you want and how many require for the SSPR service, you can also specify the questions you want. If you want a pseudo MFA, you can require 2 methods of verification, say Phone and questions

Registration: Require users to register when they login. I have seen if this is not selected a lot of users will not bother to register.

Notifications. Select if user should get a notification when their password is reset. I have seen some customers like this

Select if you want to customize the service desk url

Password writeback. Choose this option so on-prem users can use the service

Deploy to users

Ask users to login and setup/register for SSPR. They will be prompted to set it up on login!

One thought on “Deploying Azure SSPR to the Organization

  1. Pingback: Azure SSPR on Windows 7 and 8.1 client | tlktechidentitythoughts

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s