Search This Blog

Friday, June 14, 2019

Mindcore Tech and SSPR follow-up

Yesterday at our Mindcore Tech meeting, one of our test sceneries did not work as expected.

We did not get the reset password option on the Windows 10 insider build.

https://blog.mindcore.dk/2019/03/azure-ad-password-reset-on-login-screen.html

The reason behind was “just” some missing configuration in the lab we build during the meeting Smile

In order to use  SSPR from the Windows 10 login page the computer must be Azure AD joined or Hybrid Azure AD joined, and our test computer was neither.

image

No SCP (service connection point) was created and the computer was in an OU not getting synchronized by Azure AD connect.

So first I moved the computer to the correct OU and setup SCP as shown here:

image

image

image

image

image

image

SCP in AD:

image

After some time status on the client changed:

image

And the required certificates gets inserted in the local computer certificate store:

image

And just like magic Smile

image

image

Thanks  to all of you joining the Mindcore Tech meeting, and see you all next time Smile

No comments:

Post a Comment