How to Enable Self-Service Password Change for Cloud-Only Users |

Correct Answer: D

You should enable self-service password reset.

Given your users are cloud only, this feature is free of charge.

Therefore there is no need to upgrade to a paid tier.Option A is incorrect.

Self-service password reset is free for cloud users.

Option B is incorrect.

This is not a requirement for enabling self-service password reset.

Option C is incorrect.

You should enable password writeback if you want to enable password changes made in Azure to be reflected in your local Active Directory.

This feature requires Azure Premium P1.

Reference:

To know more about self-service password reset, please refer to the link below:

The correct answer to the question is D. Enable self-service password reset.

Explanation:

Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management solution that provides authentication and authorization to users and devices for access to applications and resources. Azure AD offers various features and capabilities to secure user accounts, including self-service password reset.

Self-service password reset allows users to reset their own passwords without the need for IT administrators' intervention. It gives users control over their accounts and eliminates the need to contact the IT helpdesk for password resets, saving time and resources.

To enable self-service password reset for Azure AD cloud-only users, follow these steps:

1. Sign in to the Azure portal using an account with administrator privileges.

2. Go to the Azure AD pane and select "Password reset" from the left-hand menu.

3. On the "Password reset" page, select the "Self-service password reset" option.

4. Choose the authentication methods that you want to enable for self-service password reset. You can choose from the following options:

   • Email: Users receive a verification code via email to reset their password.
   • Mobile app notification: Users receive a notification on their mobile device through the Microsoft Authenticator app to reset their password.
   • SMS: Users receive a verification code via SMS to reset their password.

5. Configure the password reset policy settings, including the number of authentication methods required, the frequency of password resets, and the number of days before a password can be reset again.

6. Save the settings.

Once self-service password reset is enabled, users can reset their passwords by following the instructions provided in the password reset portal or during the sign-in process.

Option A, upgrading the Azure tenant to a paid tier, is not necessary to enable self-service password reset.

Option B, enabling multi-factor authentication, is a separate security feature that adds an extra layer of protection to user accounts but does not directly enable self-service password reset.

Option C, enabling password writeback in AD Connect configurations, is a feature that allows password changes made in Azure AD to be written back to on-premises Active Directory, but it is not necessary to enable self-service password reset for cloud-only users.