This
functionality is vital if you wish to have your password changed using the web
browser.
Here are the steps below. – Click on Forgot Password link
– Ignore the certificate warning and proceed to the webpage. This will display the Forgot Password Window as shown below.
– Enter your Domain User name as shown above and – Click on Request Password Reset. – Enter your Answers to the Security Questions displayed as shown below
Note: This step might be displayed one after the other or listed at once. Either case, just answer each question and click on save and this will display the next question.
– And Click on Save. – The two Factor Provider Window is displayed, click on save as shown below.
– This will prompt and request the Authentication Application Token as shown below. Enter the Token displayed on from your Authentication App and click on submit.
– This will display a new window where your new password can be entered and changed. Enter the new password and click on change password. If successful, this will display the window below.
This feature is very vital when you have completely logged off your Windows PC and would like to reset it.
Here are the steps to have this completed. – Install the Windows Login Integration Client – After successfully installing this application, this functionality will be displayed close to your username on the logon screen “Password Reset”.
– Click on the Password Reset button as shown in the image above. This will prompt a web page as shown below. – Simply disregard the certificate warning and click on continue to proceed.
– Here enter your Domain username and click on proceed to the Security Questions
– As shown below, give the answers to the Challenge Certificate setup by you during the enrolment process.
Note: At least two minimum correct answers are required.
– Simply click on save ONLY in this step below and proceed to the next step.
– Enter the digits from Microsoft Google Authenticator as shown below and click on save.
– This will display a new Password Change window as shown below.
Enter the new Password
– Click on Password Change. After a successful password change, the following screen below will be displayed.
Note: To have the Password changed, you must be in compliance with the Password Policy. Also bear in mind you cannot change your password twice within 24 hours. This is due to the configured GPO.
Before proceeding to have your password reset, Users must first enroll in order to use the Self Service Active Directory Reset.
Users are not considered enrolled until they have fully set-up the Two Factor Authentication (2FA) and must have answered all the reset challenge questions as well. When you are logged in and currently not enrolled, the following link (banner) will be displayed as shown below.
Reset User Self Enrolment
Kindly
follow these steps to complete your enrolment.
Click on this link and complete your
enrolment.
Setup Two Factor Authentication
(2FA)
answer and Challenge-Response
questions)
Note: After completing these tasks and
you wish to update your basic Information, Challenge questions and also have
your Two-Factor Authentication changed (modified), Please follow the steps
below by
Clicking on your username
Click on Manage Account from the drop-down list.
User Enrolment
Upon logging in with your Active Directory User Account, the following banner will be displayed as earlier discussed. – Click on the link as shown below
– This will open up the required configuration window as shown below.
– Click on enable two-factor provider and click on configure as shown below. Note: This step has to be completed first before proceeding to answer the challenge questions or else it will fail.
Currently, the Two-factor Authentication status shows Disabled. Click on Configure as shown above and enter the Configuration QR Code in your desired Authentication App.
Here I am using the Microsoft Authenticator, you can also use Google Authenticator etc.,
Note: You need to have any of this Authenticator already installed to perform this operation. Here are the steps for setting up Microsoft Authenticator. If you already have this setup, kindly skip this part.
- Launch the Microsoft Authentication App
- Tap the three dot menu button and
- Select Add Account
- Click on Other accounts (google, Facebook, etc.,),
Since we do not have the QR code to scan we will have to type this in manually.
- Click on Enter the Code Manually.
- Set the Account name:
Enter the “The Secret Key”: This is the value for this user as shown in the image above ENXXXXXXXXXXXXXXXXXXXX2E4TM
- Click on Finish. If successful, this message will be displayed.
Next, enter the 6 digits token generated from the Microsoft Authentication App as shown below
– Next click on Verify. This will display the next window below showing the Authentication Application is Configured Correctly and the status changed from Disabled to Enabled.
Next would be to set and answer the Challenge Questions (currently configured to have at least two minimum questions answered out of the three questions).
Enter your desired answers as shown in the below
Then click on Save.
Now you are fully enrolled as a Reset Password User and can now reset your password using any of the steps discussed in the next chapter (below). Also, this will eradicate the warning displayed as not enrolled yet.
