How to reset Owner Account password for old Azure account which does not have password reset policy set

Mudasir Mirza 0 Reputation points
2024-07-05T09:44:06.21+00:00

Hi All,

I am working on resetting password for Cloud Owner account and while doing that I get message that the account does not have "reset password policy setup".

I am not sure who did the setup for this account, but it is setup in a very odd way. There are 2 directories lets say dirA and dirB and all users initially are added in dirA and then added in dirB to get access to dirB. We are unable to add users directly in dirB and all users that we add from dirA to dirB are shown as external users and because of that we are unable to perform some actions.

I have access to the Cloud Owner email address and when I try to reset password for that I am unable to do so.

Just to add one thing, the account I am logged in is showing role as "Owner" but also showing as "External User"

Any help will be appreciated in this matter.

Regards.

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
821 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vinodh247 12,741 Reputation points
    2024-07-05T13:37:56.2666667+00:00

    Hi Mudasir Mirza,

    Thanks for reaching out to Microsoft Q&A.

    Check the below points and let us know for any questions.

    Hi Mudasir Mirza,

    Thanks for reaching out to Microsoft Q&A.

    Check the below points and let us know for any questions.

    1. Reset Password Policy:
      • Ensure that the Azure AD tenant where the "Cloud Owner" account resides has a password reset policy configured. This policy is typically set up in the Azure AD Admin Center.
      • Navigate to Azure AD > Password reset and check if the password reset policy is configured for your tenant. If not, you will need to configure it by enabling self-service password reset for the users.
    2. Directory Setup:
      • It sounds like there might be a multi-directory setup where dirA is the primary directory, and dirB is used for specific access purposes. This can complicate user management.
      • When users are added to dirB from dirA and appear as external users, it suggests that dirB treats them as guests. Guest users have limited capabilities compared to member users.
    3. Owner Role and External User Status:
      • The account showing as "Owner" but also as an "External User" indicates that this account is likely a guest user with elevated permissions in dirB. However, guest users might still have some limitations.
      • Consider converting the guest user to a member user in dirB if you need full access and functionality.
    4. Steps to Resolve Issues: Check Password Reset Policy:
      • Verify that the password reset policy is enabled and properly configured.
      • If necessary, follow the Microsoft documentation to set up the self-service password reset: Azure AD self-service password reset. Directory User Management:
      • Review the configuration of your directories to understand why users are being added as external users in dirB.
      • Check the settings in Azure AD > External identities to see if there are any specific configurations causing this behavior.
      • Convert External User to Member User: if needed, convert the external user to a member user in dirB:
      • Go to Azure AD > Users.
      • Select the external user and click on Edit.
      • Change the user type from Guest to Member. Collaboration and Access Management:
      • Consider using Azure AD B2B collaboration features to manage external users and their access more effectively: Azure AD B2B documentation.

    If nothing works, and if you have tight timeline, i would suggest you raise a support ticket with microsoft for quick help.

    https://azure.microsoft.com/en-us/support/create-ticket/

    Please 'Upvote'(Thumbs-up) and 'Accept' as an answer if the reply was helpful. This will benefit other community members who face the same issue.

    0 comments