Microsoft Identity Manager and its predecessor, Forefront Identity Manager cater for self-service password reset (SSPR) scenarios with out of the box workflows that support SMS, email, and question/answer authentication. Self-service password reset is a very important capability for any organization, and when properly deployed, can significantly reduce calls to the service desk.
However, even when SSPR is available in an organization, there will always be a percentage of password resets that the service desk performs. It could be that the user is not enrolled in SSPR, that they didn't know SSPR was available, or their registered SSPR mechanisms were no longer available (eg they have a new phone number, or no longer have access to their registered email address). In these cases, the service desk is usually called and a manual password reset is performed. This is not a scenario that is current supported by MIM directly, which typically results in the service desk dropping back to the AD admin centre or the users and computers console to perform this task.
Today, I'm announcing the release of the Lithnet Assisted Password Reset (APR) add-on for the FIM/MIM portal. This tool integrates with the user RCDC to display a "Reset password" link, allowing quick access to reset the user's password using either a generated or user-specified password.
It's simple, easy to install, and highly customizable.
- Automatically generated random passwords of a configurable length
- Manually specified passwords
- Includes the option to force the user to change their password at next logon
- Optionally forces service desk staff member to re-authenticate in order to reset a password
- Can unlock locked accounts
Visit the GitHub site to get started.