Self Service PW Reset from LogonScreen

With W10 1803, it’s now possible to reset your password with a Hybrid Azure AD Joined (Domain Joined, Synchronized to Azure AD) device directly from Logon Screen.


The following actions needs to be done to fullfill this:

  • Configure your Azure AD Connect Service to synchronice device records


  • Set the following registry key to enable the “reset password” button on your logon screen: “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\AzureADAccount\AllowPasswordReset” dword:00000001


Thats it, now your users are able to reset their passwords through the well known Azure AD SSPR feature:


New Tool: SetupDiag.exe

With setupdiag.exe, Microsoft is providing us an easy way to troubleshoot faild inplace upgrades. This is handy if you don’t like to crawl through massive logs in different places.

Here is a first impression:

First, download it here:

Then run it on your failed client with /online, or copy down all the logs and refere within the /offline switch. In my case, I’m troubleshooting directly on a failed client:


Now it’s collection every relevant entry in all the different locations and displays the interessting lines:


this is it, in my case it was the EFI Disk which was in a bad shape (led there by searching the 0x80070002 error). If you need the results collected, it stored in the path specified in the /Output parameter, the log itselfs looks like this: