-
Wrong answer for question about Password Administrator.
updated 4 weeks, 1 day ago
2 Members
·
4
Posts
-
In this question:
“Category: SC-300 – Implement and Manage User IdentitiesYou manage a Microsoft 365 E5 environment where users are assigned to different administrative units and delegated specific roles. The following configuration outlines their current access and responsibilities:
You need to determine which users, Liza and Ramon, are authorized to reset passwords based on their assigned roles and scope. Select the correct answer from the drop-down list of options. Each correct selection is worth one point.”
The given answer that Liza can reset everyone’s password is incorrect.
Password admin cannot reset other administrators passwords, only these three roles:
Guest Inviter, Password Admin, Directory Readers.
See https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/privileged-roles-permissions?tabs=admin-center#who-can-reset-passwordsDirectory Readers is not the same as global reader, therefore Liza would not be able to reset Jose’s password.
-
Hello avrohomdu,
Thank you for bringing this to our attention.
We reviewed the official Microsoft documentation, which states that the Password Administrator role can reset passwords for non‑administrators and other Password Administrators (as well as Guest Inviters and Directory Readers). To confirm, we simulated the scenario in our environment and verified that Password Administrators cannot reset passwords for users with the Global Reader role.
We will make the necessary updates, which should be reflected on the portal soon.
Let us know if you need further assistance.
Best regards,
JR @ Tutorials Dojo -
Thank you.
-
You’re welcome, Avrohomdu. Please feel free to reach out if you need any further assistance or notice anything we can improve.
-
Log in to reply.