25,181 questions
Hi there.
Have you been able to walk through the troubleshooting doc?
Are you using both AAdConnect and AD Cloud Sync?
Also:
[http://blog.petersenit.co.uk/2019/04/sspr-0029-we-are-unable-to-reset-your.html]
Self Service Password reset for Hybrid Azure AD not working as expected
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(169.60000000000002, 79%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EML%3C/text%3E%3C/svg%3E)
Michael Love
0
Reputation points
Trying to set up Self Service Password reset for our organization, however I just get a generic failure each time I go to test. I set it up according to the documentation but I'm getting this error. I installed the cloud sync agent, and the Azure AD Connect agents, and both appear healthy in Azure. Any guidance appreciated. EDIT: Trying to let users in a hybrid AD environment to reset their passwords online and have it write back to on-prem AD in case it wasn't clear. AD sync works in every other facet for our org.
Microsoft Security | Microsoft Entra | Microsoft Entra ID
2 answers
Sort by: Most helpful
-
Andy David - MVP 157.8K Reputation points MVP Volunteer Moderator2023-02-18T13:55:05.9933333+00:00 -
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Sandeep G-MSFT 20,921 Reputation points Microsoft Employee Moderator2023-02-21T16:52:59.2333333+00:00 There are couple of things you have to keep in place to get the SSPR set up in your environment.
First you will have to enable SSPR feature in Azure portal for users who needs password reset feature.
Second, you will have to enable password writeback in the on-premise AD connect tool.
When users reset there password, it gets written back to on-premise and then again new password get's synced to Azure for that user.
To enable SSPR in Azure AD portal you can refer below article,
https://learn.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr
To enable password writeback you can refer below article,
Let me know if you have any further questions.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
-
Sandeep G-MSFT 20,921 Reputation points Microsoft Employee Moderator
2023-02-22T08:54:08.7133333+00:00 Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread.
Sign in to comment -