Good Day,
Our issue is that when users are off the corporate network (i.e. travelling abroad) and they forget their password, they are currently out of luck, and the only way to get them back into their laptop would be for them to return to one of our sites to sign in.
I've set up AAD with password writeback and users are able to change their own passwords via office.com, but again, they still have to return to the LAN to authenticate against a domain controller to access their machine with their changed password.
I'm trying to find out if devices can be sync'd with AAD so that if a user is off the LAN then all they would need is internet access and they could authenticate against AAD to gain access to their laptop with a changed password.
I've attempted an EMS FastTrack with Microsoft, but this only led to the consultant saying that we are too far along in the integration for FastTrack to be any use, and I'm not getting any clear suggestions as to whether the above can be implemented or not.
Any advice is highly appreciated.