Before proceeding to have your password reset, Users must first enroll in order to use the Self Service Active Directory Reset.
Users are not considered enrolled until they have fully set-up the Two Factor Authentication (2FA) and must have answered all the reset challenge questions as well. When you are logged in and currently not enrolled, the following link (banner) will be displayed as shown below.
Reset User Self Enrolment
Kindly follow these steps to complete your enrolment.
- Click on this link and complete your enrolment.
- Setup Two Factor Authentication (2FA)
- answer and Challenge-Response questions)
Note: After completing these tasks and you wish to update your basic Information, Challenge questions and also have your Two-Factor Authentication changed (modified), Please follow the steps below by
- Clicking on your username
- Click on Manage Account from the drop-down list.
Upon logging in with your Active Directory User Account, the following banner will be displayed as earlier discussed.
– Click on the link as shown below
– This will open up the required configuration window as shown below.
Perform Self-Service Password Reset Enrolment
– Click on enable two-factor provider and click on configure as shown below. Note: This step has to be completed first before proceeding to answer the challenge questions or else it will fail.
- Currently, the Two-factor Authentication status shows Disabled. Click on Configure as shown above and enter the Configuration QR Code in your desired Authentication App.
Here I am using the Microsoft Authenticator, you can also use Google Authenticator etc.,
Note: You need to have any of these Authenticators already installed to perform this operation. Here are the steps for setting up Microsoft Authenticator. If you already have this setup, kindly skip this part.
- Launch the Microsoft Authentication App - Tap the three dot menu button and - Select Add Account - Click on Other accounts (google, Facebook, etc.,), Since we do not have the QR code to scan we will have to type this in manually. - Click on Enter the Code Manually. - Set the Account name: Enter the “The Secret Key”: This is the value for this user as shown in the image above ENXXXXXXXXXXXXXXXXXXXX2E4TM - Click on Finish. If successful, this message will be displayed.
Next, enter the 6 digits token generated from the Microsoft Authentication App as shown below
– Next, click on Verify. Furthermore, This will display the next window below showing the Authentication Application is Configured Correctly and the status changed from Disabled to Enabled.
Next would be to set and answer the Challenge Questions (currently configured to have at least two minimum questions answered out of the three questions).
- Enter your desired answers as shown in the below
- Then click on Save.
Now you are fully enrolled as a Reset Password User and can reset your password using any of the steps discussed in the next chapter (Perform Self-Service Password Reset Enrolment).
Also, this will eradicate the warning displayed as not enrolled yet.