cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Azure SSPR User Experince Issue

srinivasyk
Copper Contributor

‎Oct 05 2021 08:44 PM - last edited on ‎Feb 10 2023 02:29 PM by

‎Oct 05 2021 08:44 PM - last edited on ‎Feb 10 2023 02:29 PM by

Azure SSPR User Experince Issue

Hi All,

We are configuring Azure SSPR for a customer. We set authentication methods using phone number when they join the organisation and send the SSPR link so that they can set their own new password. We are seeing a page(Page we are seeing.png in the attachment) where it comes up with "I forgot my password" and "I know my password but still can't log in" misinterpreting that user has already set the password. We expect the(expected page.png -attachment) page where it straight away takes the user to verification step using phone number and set their first password.



We tried forcing the user to change password at next logon which didn't help and tweaked few other setting Password reset as well but no luck. 



Is there any setting on a user or configuration in Azure AD to force the expected page to be visible when the user inputs their id?

 

Password write back is enabled to AD from Azure.



Any input is appreciated..Thanks!!

Labels:
Preview file
36 KB
Preview file
40 KB
831 Views
0 Likes
4 Replies
Reply
4 Replies
BilalelHadd

‎Oct 06 2021 12:15 AM

‎Oct 06 2021 12:15 AM

Re: Azure SSPR User Experince Issue

Hi @srinivasyk

I have some questions before I make a suggestion. First, did you enable the "Combined registration feature" already in your tenant? And how many authentication methods did you configure within your tenant?
0 Likes
Reply
srinivasyk

‎Oct 06 2021 12:34 AM

‎Oct 06 2021 12:34 AM

Re: Azure SSPR User Experince Issue

Hi @BilalelHadd
Yes we have enabled the "Combined registration feature"
1 authentication method among phone,email and mobile app code
0 Likes
Reply
BilalelHadd

‎Oct 06 2021 12:56 AM

‎Oct 06 2021 12:56 AM

Re: Azure SSPR User Experince Issue

@srinivasyk

I can't explain why you see the screen with the two options. However, I can help you with setting the flag for "forcing the password to change at the next logon," therefore you need to run the below command on your Azure AD connect server:

Set-ADSyncAADCompanyFeature -ForcePasswordChangeOnLogOn $true

As soon as the value (checkbox) has been set within AD, it should synchronize to AAD.

More information regarding this feature can be found in this docs article:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchron...
Section: Synchronizing temporary passwords and "Force Password Change on Next Logon"

0 Likes
Reply
srinivasyk

‎Oct 10 2021 07:58 PM

‎Oct 10 2021 07:58 PM

Re: Azure SSPR User Experince Issue

Thanks @BilalelHadd
0 Likes
Reply