Question

You manage a local Active Directory Domain Services environment. Your company purchases an Enterprise E1 license for all users.You need to implement self-service password reset. You want to achieve this goal while minimizing costs.Which two actions should you perform?

Answer 1

To implement self-service password reset in an Active Directory Domain Services environment while minimizing costs, you should enable users to reset their passwords using Azure AD self-service password reset and implement multi-factor authentication.

Step-by-step explanation:

Implementing Self-Service Password Reset

In order to implement self-service password reset in your Active Directory Domain Services environment, while minimizing costs, you can take the following two actions:

1. Enable the users to reset their passwords themselves by using the Azure AD self-service password reset feature. This feature is included with the Enterprise E1 license and allows users to reset their passwords through various methods like security questions, email verification, or using a mobile app.
2. Implement multi-factor authentication (MFA) to enhance security. MFA adds an extra layer of protection by requiring users to provide additional verification, such as a code sent to their mobile device, in addition to their password, before they can reset their password.