I'm looking to create a tool using powershell for confirming a user's identity before their password is reset in AD. I've been looking through the resources available on Learn.microsoft and i have been looking into the possibility of incorporating a Conditional Access Policy but was curious on if anyone had an alternative method to acomplishing this.

Kind regards,

John