In today’s digital world, it is crucial to maintain the security and efficiency of user accounts. Password management is vital, especially in organizations that rely on multiple tools and digital platforms. Microsoft offers a solution called Self-Service Password Reset (SSPR), which allows users to manage their passwords without the need for IT staff intervention.
Prerequisites
- The password reset service must be enabled in your organization.
- Users must register for SSPR before using this functionality.
- Devices must be joined to Azure AD or Hybrid Azure AD.
Creating the configuration profile
1. Access the Microsoft Endpoint Manager.
2. In the left pane, click on Devices, then Windows, and select Configuration Profiles.
3. Click on Create and choose New Policy.
4. Select Windows 10 and later as the platform.
5. Then, choose Templates as the profile type you want to create, and afterward, select Endpoint Protection.
6. Click on Create..
6. In the Basics section, assign a name to the profile.
7. Then, in the Configuration settings, llenamos los siguientes datos de la siguiente manera.
- OMA-URI: ./Device/Vendor/MSFT/Policy/Config/Authentication/AllowAadPasswordReset
- Data type: Integer
- Value: 1
8. In the Assignments section, select the device group or groups where you want to apply all the established settings.
9. Finally, review all the settings before proceeding and click on Create.