-
Notifications
You must be signed in to change notification settings - Fork 648
/
Copy pathusers-reset-password-azure-portal.yml
78 lines (65 loc) · 4.46 KB
/
users-reset-password-azure-portal.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
### YamlMime:HowTo
metadata:
title: Reset a user's password
description: Instructions about how to reset a user's password using Microsoft Entra ID.
author: barclayn
ms.author: barclayn
manager: femila
ms.reviewer: jeffsta
ms.date: 04/02/2025
ms.service: entra
ms.subservice: fundamentals
ms.topic: how-to
ms.custom:
- ge-structured-content-pilot
title: |
Reset a user's password
introduction: |
Administrators can reset a user's password if the password is forgotten, if the user gets locked out of a device, or if the user never received a password.
> [!NOTE]
> If you're not an administrator and you need instructions on how to reset your own work or school password, see [Reset your work or school password](https://support.microsoft.com/account-billing/reset-your-work-or-school-password-using-security-info-23dde81f-08bb-4776-ba72-e6b72b9dda9e).
>
> Unless your tenant is the home directory for a user, you won't be able reset their password. This means that if your user is signing in to your organization using an account from another organization, a Microsoft account, or a Google account, you won't be able to reset their password.
>
> If your user has a source of authority as Windows Server Active Directory, you'll only be able to reset the password if you've turned on password writeback and the user domain is managed. Changing the user password for federated domains is not supported. In this case, you should change the user password in the on-premises Active Directory.
>
> If your user has a source of authority as External Microsoft Entra ID, you won't be able to reset the password. Only the user, or an administrator in that tenant, can reset the password.
prerequisites:
summary: |
You must have at least the following role to restore and permanently delete users.
dependencies:
- Password Administrator
procedureSection:
- title: |
To reset a password
summary: |
Follow these steps:
steps:
- |
Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Password Administrator](~/identity/role-based-access-control/permissions-reference.md#password-administrator).
- |
Browse to **Identity** > **Users** > **All users**.
- |
Select the user that needs the reset, then select **Reset Password**.
The **Alain Charon - Profile** page appears with the **Reset password** option.
:::image type="content" source="media/users-reset-password-azure-portal/user-profile-reset-password-link.png" alt-text="Screenshot of the User's profile page, with Reset password option highlighted." lightbox="media/users-reset-password-azure-portal/user-profile-reset-password-link.png":::
- |
In the **Reset password** page, select **Reset password**.
> [!NOTE]
> When using Microsoft Entra ID, a temporary password is auto-generated for the user. When using Active Directory on-premises, you create the password for the user.
- |
Copy the password and give it to the user. The user will be required to change the password during the next sign-in process.
> [!NOTE]
> The temporary password never expires. The next time the user signs in, the password will still work, regardless how much time has passed since the temporary password was generated.
> [!IMPORTANT]
> If an administrator is unable to reset the user's password, and the Application Event Logs on the Microsoft Entra Connect server has error code hr=80231367, review the user's attributes in Active Directory. If the attribute **AdminCount** is set to 1, this will prevent an administrator from resetting the user's password. The attribute **AdminCount** must be set to 0, in order for an administrators to reset the user's password.
<!-- preamble to the next step: <After you've reset your user's password, you can perform the following basic processes:> -->
relatedContent:
- text: Add or delete users
url: ./add-users.md
- text: Assign roles to users
url: ./how-subscriptions-associated-directory.yml
- text: Add or change profile information
url: ./how-to-manage-user-profile-info.yml
# - [Create a basic group and add members](./how-to-manage-groups.yml)
# Or you can perform more complex user scenarios, such as assigning delegates, using policies, and sharing user accounts. For more information about other available actions, see [Microsoft Entra user management documentation](~/identity/users/index.yml).