Harry Youd harryyoud

How to Reset Or Update User Passwords In Azure AD with Microsoft Graph API

Background and Reason

There are two ways of using Microsoft Graph to read and write resources

Delegated permissions: can have delegated permissons, such as Directory.AsUser, but it must go through an interactive sign-in
Application permissions: doesn’t need an interactive sign-in, perfect for backend service to use. However, cannot have some delegated permission as it’s not a real user, so it’s unable to be delegated.

So, if we build a service or app to access the Microsoft graph, we have to use the application permission mode to avoid the interactive sign-in, which means the access is not triggered by any user. however, When updating the passwordProfile property, the following permission is required: Directory.AccessAsUser.All, which is only a delegated permission. and that’s why the update of the password profile will fail regardless of what permissions assigned.

Solution

Open a command prompt as Administrator
In the command prompt, type the following:

Office 2016 (32-bit) on a 32-bit version of Windows

cscript "C:\Program Files\Microsoft Office\Office16\OSPP.VBS" /dstatus
Office 2016 (32-bit) on a 64-bit version of Windows

cscript "C:\Program Files (x86)\Microsoft Office\Office16\OSPP.VBS" /dstatus
Office 2016 (64-bit) on a 64-bit version of Windows

	#!/bin/sh

	FLASH_TIME=$(opkg info busybox \| grep '^Installed-Time: ')

	for i in $(opkg list-installed \| cut -d' ' -f1)
	do
	if [ "$(opkg info $i \| grep '^Installed-Time: ')" != "$FLASH_TIME" ]
	then
	echo $i
	fi

	import queue
	import json
	import logging
	import os
	import requests
	import sys
	import threading
	import time

	import paramiko

	FROM ruby:3.2

	WORKDIR /src
	ADD Gemfile /src
	ADD Gemfile.lock /src
	RUN gem install bundler
	RUN bundle install

	VOLUME /src
	ENTRYPOINT [ "bundle", "exec", "jekyll", "build", "--future" ]

	#!/bin/bash
	for x in platform media shared; do
	echo ${x}_key_release="$(openssl pkcs8 -in $x.pk8 -inform DER -outform PEM -nocrypt \| openssl rsa -pubout \| tail -n+2 \| head -n-1 \| tr -d '\n')"
	echo ${x}_cert_release="$(openssl x509 -outform der -in $x.x509.pem \| base16)"
	done

	echo release_key="$(openssl pkcs8 -in releasekey.pk8 -inform DER -outform PEM -nocrypt \| openssl rsa -pubout \| tail -n+2 \| head -n-1 \| tr -d '\n')"
	echo release_cert="$(openssl x509 -outform der -in releasekey.x509.pem \| base16)"

	#!/usr/bin/env python
	#
	# shipit.py
	# v1.7.1
	#
	# Written by Dan Pasanen, 2016
	# WTFPL
	#
	# CHANGES
	# v1.0 - initial release

	__bionic_open_tzdata: couldn't find any tzdata when looking for GMT!
	Starting TWRP 3.1.1-0-9c3b7e99 on Sat Jan 17 05:17:07 1970
	(pid 331)
	BOARD_HAS_NO_REAL_SDCARD := true
	RECOVERY_SDCARD_ON_DATA := true
	I:Lun file '/sys/class/android_usb/android0/f_mass_storage/lun0/file' does not exist, USB storage mode disabled
	TW_INCLUDE_CRYPTO := true
	I:TW_BRIGHTNESS_PATH := /sys/class/leds/lcd-backlight/brightness
	I:Found brightness file at '/sys/class/leds/lcd-backlight/brightness'
	I:Got max brightness 255 from '/sys/class/leds/lcd-backlight/max_brightness'

	A6020: shr3ps, scritch007, danielstuart14
	P024: vm03
	Z008: crpalmer, jrior001, sayeed99
	Z00A: crpalmer, jrior001, sayeed99
	Z00D: flex1911
	Z00L: LuK1337, luca020400
	Z00T: LuK1337, luca020400
	addison: Alberto97
	angler doesn't have a wiki page
	armani: fefifofum

	angler doesn't have a wiki page
	axon7 doesn't have an install method listed
	che10 doesn't have an install method listed
	cherry doesn't have an install method listed
	d800 doesn't have an install method listed
	d801 doesn't have an install method listed
	d802 doesn't have an install method listed
	d803 doesn't have an install method listed
	d850 doesn't have an install method listed
	d851 doesn't have an install method listed