I will highlight what I learned from taking this Microsoft Learn module. If an administrator has configured a hybrid cloud active directory environment they can allow users to reset their passwords due to lockouts/etc. using Azure Active Directory. Azure AD will writeback the user’s password to the on premises active directory domain service environment. You can experience this first hand through this demo if you wish.

Using this link users can reset their Active Directory password. They enter in their email or username, provide the verifications steps required by the administrator, and then are prompted to reset their password.

Enabling self service password reset on the administrators side is just one setting. Under Active Directory > Password reset > Properties you choose “All” or “Selected” to enable it for a designated group of users.

That’s it for this post. Thank you for reading!