Azure SQL Managed Instance and Azure Active Directory Authentication
Question
Question : In Azure SQL Managed Instance , what is the procedure for setting Password Expiration when using Azure Active Directory (AAD) Authentication ? As shown below, in SSMS , I see Password Expiration option is grayed out:
1 answers
solution1
0 2022-11-25 09:15:50
To set Password expiration policy for Azure AD user accounts, you need to have Global Administrator role on your tenant.
If you don't have that role, contact admin and get yourself assigned with Global Administrator role like below:
Go to Azure Portal -> Azure Active Directory -> Users -> Select user -> Assigned roles -> Add assignments
Login to Microsoft 365 admin center with above Global admin credentials and follow below steps to set password expiration policy :
Go to Microsoft 365 admin center -> Settings -> Org settings -> Security & privacy
By default , this option is set to passwords never expire for entire organization like below:
If you want to set password expiration for particular number of days, uncheck the box and enter the number like below:
If you want to set password expiration policy for specific user, you can use below PowerShell commands:
Connect-AzureAD
#To check the expiration policy for a password of specific user
Get-AzureADUser -ObjectId <userID/UPN> | Select-Object UserprincipalName,@{
N="PasswordNeverExpires";E={$_.PasswordPolicies -contains "DisablePasswordExpiration"}
}
#To set password to expire
Set-AzureADUser -ObjectId <userID/UPN> -PasswordPolicies None
Response:
Reference: Set an individual user's password to expire - Microsoft
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.