Book Image

Mastering Identity and Access Management with Microsoft Azure - Second Edition

By : Jochen Nickel
Book Image

Mastering Identity and Access Management with Microsoft Azure - Second Edition

By: Jochen Nickel

Overview of this book

Microsoft Azure and its Identity and access management are at the heart of Microsoft's software as service products, including Office 365, Dynamics CRM, and Enterprise Mobility Management. It is crucial to master Microsoft Azure in order to be able to work with the Microsoft Cloud effectively. You’ll begin by identifying the benefits of Microsoft Azure in the field of identity and access management. Working through the functionality of identity and access management as a service, you will get a full overview of the Microsoft strategy. Understanding identity synchronization will help you to provide a well-managed identity. Project scenarios and examples will enable you to understand, troubleshoot, and develop on essential authentication protocols and publishing scenarios. Finally, you will acquire a thorough understanding of Microsoft Information protection technologies.
Table of Contents (23 chapters)
Title Page
Copyright and Credits
About Packt
Contributors
Preface
Index

Password reset self-service capabilities


In this section, we configure the password reset capabilities of Azure AD to reduce support costs and 24/7 availability. We use no restrictions on the service and we require just one verification option to reset the password:

Password reset - Properties dialog to select the activation options

To verify the reset, we use several methods:

Password reset - authentication options

The next option we activate forces the user to register:

Password reset - Registration requirement and confirming choices

Next, we configure the related notifications.

Configure notifications

In this section, we configure the notifications options so that the administrator will be notified if anomalous sign-ins or administrator password resets happen:

  1. Configure the Notifications as shown here:

Password reset - NotificationS options

  1. Users will be forced to register for a password reset, as shown in the following screenshot:

Registration enforcement

Now, we will test our newly configured feature and will see the registration scenario required for your verification options. Next, we will check the password reset.

Test the newly configured settings and log in as [email protected] to https://myapps.microsoft.com.

You will receive a message that you need to register for a password reset:

Authenticator app - setup procedure

Add your preferred method for Don Hall. You will receive an SMS text message, an email to your mailbox, or another of your defined response methods.

Note

Administrative users need two verification options by default.

Log in as [email protected] to https://myapps.microsoft.com , and you will see the request for two verification options.

In the next steps, we will verify the functionality.

Test the password reset process

Open https://myapps.microsoft.com in your preferred browser and enter [email protected]. Click the Can't access your account? option or use the following link, https://passwordreset.microsoftonline.com, to start the password reset process. You will come into the verification process, and you need to follow the tasks. Finish the process and log in with the new password.