Step 8: Verify SSPR

  • Article

Verifying our SSPR implementation consists of the following steps:

  • Register CORP\jsmith in the Password Registration Portal

  • Reset CORP\jsmith’s password from the Extranet

  • Log into Outlook Web Access from CLIENT 2 to verify the password change worked.

Register CORP\jsmith in the Password Registration Portal

First, we need to register our user, John Smith. This will involve logging on to the Password Registration portal and providing answers to our 3 questions and providing a one-time password mobile phone number. For the purposes of this lab, we will not be entering a real phone number. To test this, substitute your smartphone number for the one specified below.

To register CORP\jsmith in the Password Registration Portal

  1. Log on to CLIENT1.corp.contoso.com as CORP\jsmith.

  2. Click Start, select All Programs, and then click Internet Explorer (64-bit).

  3. In the Internet Explorer address bar enter https://passwordregistration.corp.contoso.com and hit enter. Enter John Smiths credentials when prompted.

  4. On the Password Registration home page click Next.

  5. On the Your Current Password page, enter John Smiths password in the box and click Next.

  6. On the Register Your Answers page, in the box under What is your mothers middle name? enter Michelle.

  7. On the Register Your Answers page, in the box under What is your fathers middle name? enter Norman.

  8. On the Register Your Answers page, in the box under What is your pets first name? enter Spot.

  9. On the Mobile Phone Verification page, in the box under Mobile Phone: enter 555-1212.

  10. Click Next.

  11. Click Finish.

  12. Close Internet Explorer.

Reset CORP\jsmith’s password from the Extranet

Now we will reset CORP\jsmith’s account from a machine that is not joined to our domain, CLIENT2. CLIENT2 is sitting on the same subnet as our domain and is using the same DHCP server so name resolution for our password reset site will not be an issue.

To Reset CORP\jsmith’s password from the Extranet

  1. Log on to CLIENT2 as the default user.

  2. Click Start, select All Programs, and then click Internet Explorer (64-bit).

  3. In the Internet Explorer address bar enter https://passwordreset.corp.contoso.com and hit enter. This site will come up but it will say that there is a problem with the website’s security certificate. This is because CLIENT2 knows nothing about the CA (as being trusted or not) on DC1. This can be ignored. Click Continue to this website (not recommended).

  4. On the Password Reset home enter CORP\jsmith and click Next.

  5. On the Submit Your Answers page, in the box under What is your mothers middle name? enter Michelle.

  6. On the Submit Your Answers page, in the box under What is your fathers middle name? enter Norman.

  7. On the Submit Your Answers page, in the box under What is your pets first name? enter Spot.

  8. Click Next.

  9. You should be on the Mobile Phone Verification page. Check your mobile phone for a text message. Copy the 6 digit code in the message and enter it into the box on the Mobile Phone Verification page.

  10. Click Next.

  11. On the Choose Your New Password screen, in the box under Enter a new password enter Pass1word$2

  12. On the Choose Your New Password screen, in the box under Re-enter the password enter Pass1word$2

  13. Click Next. This will come back and say that the password was successfully changed. Click Finish.

  14. Close Internet Explorer.

Log into Outlook Web Access from CLIENT 2 to verify the password change worked.

Now we will log on to Outlook Web Access using the newly changed password.

To log into Outlook Web Access from CLIENT 2 to verify the password change worked.

  1. Click Start, select All Programs, and then click Internet Explorer (64-bit).

  2. In the Internet Explorer address bar enter https://ex1.corp.contoso.com/owa and hit enter. This site will come up but it will say that there is a problem with the website’s security certificate. This is because CLIENT2 knows nothing about the CA (as being trusted or not) on DC1. This can be ignored. Click Continue to this website (not recommended).

  3. On the Outlook Web App screen, next to Domain\user enter CORP\jsmith.

  4. On the Outlook Web App screen, next to Password enter Pass1word$2.

  5. Click Sign in. Outlook web access should now come up.

  6. Close Internet Explorer.