Après plusieurs essais, nous venons de trouver la solution:
Avec Powershell, en privilège élevé, il faut taper la commande :
Connect-MgGraph -Scopes "User.ManageIdentities.All","User.EnableDisableAccount.All","Directory.ReadWrite.All","Directory.AccessAsUser.All","User.ReadWrite.All"
après la connexion (avec le même compte d'Administrateur inscrit dans Koxo), faut accepter les privilèges renvoyées par Microsoft et le script de changement de mot de passe refonctionne.
Peut-être les développeurs peuvent inclure ces privilèges dans le script "UserPasswordO365.ps1"......
Merci
Marc
####################################################################################################
[LOG_STARTED] [29/08/2025 09:46:16] Utilisateur="PEDA\administrateur" Ordinateur="SRV-PEDA"
####################################################################################################
#
[OFFICE365] [29/08/2025 09:52:03] {Changement de mot de passe} Utilisateur : Marc TEST (mtest) Adresse email : marc.test@lyceeXXXX.fr
[OFFICE365] [29/08/2025 09:52:03] {Changement de mot de passe} Script="C:\Program Files\KoXo Dev\KoXoAdm\AdminScripts\UserPasswordO365.ps1"
[POWERSHELL] [08/29/2025 09:52:05]: [OK] Powershell module "ExchangeOnlineManagement" V3.8.0 loaded
[POWERSHELL] [08/29/2025 09:52:10]: [OK] Connection to Microsoft Graph was successful !
[POWERSHELL] [08/29/2025 09:52:11]: [INFO] (Application.Read.All,Application.ReadWrite.All,ChannelMember.ReadWrite.All,Directory.AccessAsUser.All,Directory.Read.All,Directory.ReadWrite.All,Domain.Read.All,Group.Read.All,Group.ReadWrite.All,GroupMember.ReadWrite.All,openid,Organization.Read.All,Organization.ReadWrite.All,profile,RoleManagement.ReadWrite.Directory,TeamMember.ReadWrite.All,TeamsApp.ReadWrite.All,TeamsAppInstallation.ReadWriteForTeam,TeamsAppInstallation.ReadWriteSelfForTeam,TeamSettings.ReadWrite.All,TeamsTab.ReadWrite.All,User.EnableDisableAccount.All,User.ManageIdentities.All,User.Read,User.Read.All,User.ReadWrite.All,email)
[POWERSHELL] [08/29/2025 09:52:11]: [INFO] (Authentication type: Delegated)
[POWERSHELL] [08/29/2025 09:52:11]: [INFO] (Credential type : InteractiveBrowser)
[POWERSHELL] [08/29/2025 09:52:20]: [OK] Connection was successful to Microsoft Exchange Online Management
[POWERSHELL] [08/29/2025 09:52:20]: [OFFICE365] Marc TEST (marc.test@lyceeXXXXXXXXXX.fr)
[POWERSHELL] [08/29/2025 09:52:23]: [OK] Successfully configure password policies "DisableStrongPassword,DisablePasswordExpiration" for "Marc TEST" (marc.test@lyceeXXXXXXXXXXXX.fr)
[POWERSHELL] [08/29/2025 09:52:23]: [OK] Successfully change user password for "Marc TEST" "marc.test@lyceeXXXXXXXXXX.fr"
[POWERSHELL] ErrorsCount[marc.test@lyceeXXXXXXX.fr]=0
[POWERSHELL] WarningsCount[marc.test@lyceeXXXXX.fr]=0
[POWERSHELL] [08/29/2025 09:52:23]: [OK] Disconnection from Microsoft Graph was successful
[POWERSHELL] TotalErrorsCount=0
[POWERSHELL] TotalWarningsCount=0