Problem:


Im BPOS erscheint die Meldung:

"Sie können die Kennwörter von Verbundbenutzern nur in Ihrem Active Directory zurücksetzen"


Lösung:


Die Rücksetzung funktioniert über Azure Powershell:


Syntax

Set-MsolUserPassword -ObjectId <Guid> [-ForceChangePassword <Boolean>] [-NewPassword <string>] [-TenantId <Guid>] [<CommonParameters>]


Set-MsolUserPassword -UserPrincipalName <string> [-ForceChangePassword <Boolean>] [-NewPassword <string>] [-TenantId <Guid>] [<CommonParameters>]


    -ForceChangePassword <Boolean>
        When true, the user will be required to change their password the next 
        time they sign in.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -NewPassword <string>
        The new password for the user. If the user is set to require a strong 
        password, then all of the following rules must be met:
        - The password must contain at least one lowercase letter
        - The password must contain at least one uppercase letter
        - The password must contain at least one non-alphanumeric character
        - The password cannot contain any spaces, tabs, or line breaks
        - The length of the password must be 8-16 characters
        - The user name cannot be contained in the password
        
        If this value is omitted, then a random password will be assigned to 
        the user.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -ObjectId <Guid>
        The unique ID of the user to set the password for.
        
        Required?                    true
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -TenantId <Guid>
        The unique ID of the tenant to perform the operation on. If this is 
        not provided then the value will default to the tenant of the current 
        user. This parameter is only applicable to partner users.
        
        Required?                    false
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    -UserPrincipalName <string>
        The user ID of the user to set the password for.
        
        Required?                    true
        Position?                    named
        Default value                
        Accept pipeline input?       true (ByPropertyName)
        Accept wildcard characters?  false
        
    <CommonParameters>
        This cmdlet supports the common parameters: Verbose, Debug,
        ErrorAction, ErrorVariable, WarningAction, WarningVariable,
        OutBuffer and OutVariable. For more information, type,
        "get-help about_commonparameters".

In den folgenden Beispielen wird veranschaulicht, wie dieses Cmdlet zu verwenden ist.

Der folgende Befehl setzt das Kennwort für user@contoso.com zurück. Das Kennwort wird nach dem Zufallsprinzip generiert. Der Benutzer muss bei der nächsten Anmeldung das Kennwort zurücksetzen.

Set-MsolUserPassword -UserPrincipalName user@contoso.com

Dieser Befehl setzt das Kennwort für user@contoso.com zurück. Der Benutzer muss bei der nächsten Anmeldung das Kennwort zurücksetzen.

Set-MsolUserPassword -userPrincipalName user@consoso.com -NewPassword "pa$word"